FlexNet Inventory Agent Change Log for IT Visibility
The following table provides a change history of the FlexNet inventory agent, linked to descriptions of features and fixes per version.
While it is technically possible to use a FlexNet Inventory Agent version that is higher than the FlexNet Beacon version, this configuration is not tested. Customers choosing to deploy agents with a higher version than the beacon do so at their own risk, and Flexera does not guarantee compatibility or support for such configurations.
If you choose to upgrade to FlexNet Inventory Agent version 22.2.0 and later, you MUST also upgrade your FlexNet Beacon to version 22.2.0 and later. Consider the following compatibility and upgrade requirements:
-
FlexNet Inventory Agent versions 22.1.0 and older will continue to work with FlexNet Beacon versions 22.2.0 and later.
-
For customers who use the self-upgrade functionality for agents and beacons, self-upgrade to FlexNet Inventory Agent versions 22.2.0 and later is available from FlexNet Beacon version 22.2.0 onwards.
-
If you upgrade your FlexNet Beacon to version 22.2.0 and later, you cannot use self-upgrade to deploy FlexNet Inventory Agent versions 22.1.0 and older.
FlexNet Inventory Agent Release 25.3.0
Enhanced Linux agent service management
Previously, the Linux agent installer called systemctl start after migrating from init.d to systemd, which could leave services in a broken or stale state. Now, the installer uses systemctl restart to ensure services are properly restarted and running. This enhancement provides more reliable service management during upgrades.
Removal of 32-bit agent installers
Support for 32-bit Linux i686 and Solaris x86 agent installers has been removed in this release. From FlexNet Inventory Agent version 25.3.0 onward, only 64-bit agent installers are included in IT Asset Management deployments.
Security context and liveness configuration for Kubernetes agent
Previously, the Kubernetes agent (KRM) did not support configuration for resource allocation, liveness probes, labels, or security context. Now, the agent supports a user-editable YAML file for these settings, allowing customers to customize limits, livenessProbe, and securityContext on the KRM controller. This enhancement provides greater flexibility and compliance with internal security policies.
Fix for Windows agent upload blocking due to missing WinHTTP timeout values
Affected versions: 23.0.0 to 25.2.0
Previously, the Windows FlexNet agent did not set explicit WinHTTP timeout values, which could result in upload operations blocking and ndupload.exe hanging. This release resolves this issue by ensuring appropriate timeout values are set.
Fix for agent service management after systemd migration on Linux
Affected versions: 25.0.0 to 25.2.0
Previously, the Linux agent only called services via init.d, causing newly upgraded agents to fail to start when using systemd. This release resolves this issue by implementing systemd calls when starting or stopping agent services, ensuring proper service management after migration.
Fix for ndtrack failure with exit code 126 when /tmp directory is set with noexec
Affected versions: 24.4.0 to 25.2.0
Previously, the FlexNet Inventory Scanner could fail with exit code 126 if the /tmp directory was set with noexec, particularly in container environments. This release resolves this issue.
Fix for Kubernetes agent not gathering inventory details due to missing InventorySettings.xml
Affected versions: 20.3.0 to 25.2.0
Previously, the Flexera Kubernetes agent (KRM) did not gather inventory details associated with settings in InventorySettings.xml because the file was not copied into containers being scanned. This release resolves this issue.
Fix for inventory upload failure after gathering Oracle Database or FMW inventory
Affected versions: 22.0.0 to 25.2.0
Previously, uploading inventory could fail with an error indicating "Failed to load library /opt/managesoft/lib/libuploader: Not enough space" after gathering Oracle Database or FMW inventory, especially on 32-bit systems. This release resolves this issue by improving memory management during the upload phase.
Fix for duplicate content records in process inventory for application detection
Affected versions: 25.0.0 to 25.2.0
Previously, there could be duplicate content records if the file system scan reported the same executable as a running process, leading to redundant entries in the inventory. This release resolves this issue by ensuring only a single content record is created per executable, improving inventory accuracy.
Bundled software version updated
Affected versions: See the following table for details
The following third party libraries bundled with the agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected versions |
|---|---|---|
Expat | 2.7.4 | All previous versions of the agent |
Go used by the Flexera KRM & LWK agents published in AWS public ECR | 1.25.7 | 14.3.0 to 25.2.0 |
OpenSSL | 3.0.19 | All previous versions of the agent |
FlexNet Inventory Agent Release 25.2.0
Containerd support in imgtrack
Previously, Flexera's Kubernetes agent did not support collecting inventory from environments using the containerd container runtime. Now, the imgtrack tool used with the Kubernetes agent has been enhanced to support containerd, enabling comprehensive inventory collection from environments using this widely adopted container runtime. This enhancement provides greater compatibility and improved visibility for containerized workloads.
Fix for Windows FlexNet Inventory Agent crash during software process scan
Affected versions: 25.0.0 to 25.1.0
Previously, the agent could crash when scanning for software processes on certain Windows systems. This release resolves this issue.
Fix for incorrect permissions on temporary storage directories created by fnms-podman-monitor
Affected versions: 22.4.0 to 25.1.0
Previously, the fnms-podman-monitor created temporary storage directories with incorrect permissions, allowing world-writable access without a sticky bit set. This release resolves this issue by ensuring the correct permissions are enforced on these directories.
Fix for skipping Podman container inventory if storage directory does not exist
Affected versions: 22.4.0 to 25.1.0
Previously, inventory gathering for Podman containers could be skipped if the expected storage directory did not exist, resulting in incomplete inventory data. This release resolves this issue.
Fix for agent hang when collecting disk space from network filesystems
Affected versions: All previous versions of the agent
Previously, collecting disk space information from certain network filesystems could cause the FlexNet Inventory Agent to hang during inventory collection. This release resolves this issue by excluding network filesystems from the disk space calculation.
Fix for agent hang during logical device space calculation
Affected versions: 23.2.0 to 25.1.0
Previously, only the call to the filesystem was implemented with a timeout, so the agent could still hang when calculating the disk space of a network filesystem. This release resolves this issue by adding a timeout to the disk space calculation and improving logging for troubleshooting.
Fix for Kubernetes image details not appearing in All Containers view
Affected versions: 16.5.0 to 25.1.0
Previously, Kubernetes image details gathered by the Lightweight Kubernetes agent might not appear in the All Containers view if certain image details were missing from the node status. This release resolves this issue.
Fix for ndschedag executing flxconfig using an incorrect path
Affected versions: 22.4.0 to 25.1.0
Previously, the agent could attempt to execute flxconfig using an incorrect path if installed on the IT Asset Management application server, resulting in errors. This release resolves this issue.
Fix for MachineType reporting on macOS arm64 virtual instances
Affected versions: 20.2.0 to 25.1.0
Previously, inventory agents running on macOS arm64 virtual instances reported the MachineType as "physical" instead of "virtual." This release resolves this issue by correctly identifying and reporting the MachineType for virtual instances.
Bundled software version updated
Affected versions: See the following table for details
The following third party libraries bundled with the agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected versions |
|---|---|---|
| github.com/sigstore/fulcio and github.com/containernetworking/plugins Components used by the Podman monitor | N/A | 22.4.0 to 25.1.0 |
Go | 1.25.7 | 14.3.0 to 25.1.0 |
libcurl | 8.18.0 | 23.0.0 to 25.1.0 |
FlexNet Inventory Agent Release 25.1.0
Kubernetes agent support for Flatcar Container Linux
Previously, Flatcar Container Linux was not supported by the Kubernetes agent, leaving customers running that solution with gaps in inventory and compliance. Now, the Flexera Kubernetes agent can collect inventory for containers and images running on Flatcar Container Linux and correctly reports Flatcar as the operating system. This enhancement provides broader coverage for modern, container-optimized platforms, helping users manage assets consistently across Flatcar-based Kubernetes and standalone Flatcar instances.
Linux agent support for ContainerD
Previously, ContainerD activity on Linux hosts was not captured by the FlexNet inventory agent. This release introduces a new ContainerD monitor (fnms-containerd-monitor) for the FlexNet agent on Linux, including the ability to enable or disable ContainerD inventory collection from Flexera One. This enhancement provides broader coverage of containerized workloads and more accurate, configurable inventory data for Linux environments.
Non-root execution for Lightweight Kubernetes Agent
Previously, the Lightweight Kubernetes Agent container image ran its processes as the root user. Now, the agent container is built to include a dedicated non-root user and runs the agent under this account by default. This enhancement provides improved security and better alignment with containerization best practices.
IBM LPAR pool capacity reporting
Previously, the FlexNet agent used the "Active CPUs in Pool" value when reporting shared pool capacity for IBM LPAR environments. Now, the agent primarily uses the more accurate "Maximum Capacity of Pool" value, with "Active CPUs in Pool" used only as a fallback when needed. This enhancement provides more precise capacity data to support accurate pool capping calculations and licensing decisions.
Enhanced web metering browser extension installation logging
Previously, the agent would not log to file if any issues happened during the browser extension installation. This release has the agent write to file even if it has nothing to report, to improve the troubleshooting experience.
Fix for CRL cache handling in FlexNet inventory agent
Affected FlexNet Inventory Agent versions: 23.0.0 to 25.0.0
Previously, there was an issue where the FlexNet inventory agent could fail to connect to a beacon with a "CRL has expired" error if a new certificate revocation list (CRL) was published before the current CRL's stated expiry time. This release resolves this issue.
Fix for processor capacity reporting for capped LPARs
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the FlexNet inventory agent reported incorrect processor capacity values for capped LPARs, which could lead to inaccurate license consumption calculations. This release resolves this issue.
Fix for CRL file handling in FlexNet inventory agent on macOS
Affected FlexNet Inventory Agent versions: 23.0.0 to 25.0.0
Previously, there was an issue where the FlexNet inventory agent on macOS could save an empty (0 byte) CRL file and then attempt to use it, causing connection errors and disrupting reporting. This release resolves this issue.
Fix for logical disk space retrieval hangs on network filesystems
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where collecting disk space information from certain network filesystems could cause the FlexNet inventory agent to hang during inventory collection. This release resolves this issue by adding a 60-second timeout for the disk space calculation.
Fix for default exclusion of Windows container directories in FlexNet inventory agent
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the FlexNet inventory agent on Windows did not automatically exclude the C:\ProgramData\Microsoft\Windows\Containers directory from inventory collection, which could result in scanning container layers and reporting software that was not actually installed on the host. This release resolves this issue.
Fix for browser extension removal during FlexNet inventory agent uninstall
Affected FlexNet Inventory Agent versions: 24.1.1 to 25.0.0
Previously, there was an issue where the browser extension associated with the FlexNet inventory agent might not be removed correctly when the agent was uninstalled. This release resolves this issue.
Fix for FlexNet inventory agent uninstall wait time
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where uninstalling or upgrading the FlexNet inventory agent could unnecessarily wait for up to 10 minutes while checking for related agent processes to exit. This release resolves this issue by improving the waiting logic.
Fix for uncontrolled reboot during FlexNet inventory agent self-upgrade on Windows
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where upgrading the FlexNet inventory agent on Windows could trigger an unexpected system reboot, because the upgrade did not fully suppress reboot behavior when files were in use. This release resolves this issue.
Fix for inconsistent timestamp formats in flxconfig logs on Unix
Affected FlexNet Inventory Agent versions: 22.4.0 to 25.0.0
Previously, there was an issue where the flxconfig component of the Flexera inventory agent on Unix systems changed timestamp formats after it started logging, making the logs harder to read and interpret. This release resolves this issue.
Fix for RPM package release details in usage data
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the agent could not collect the same version and manufacturer for usage data on RPM packages compared to the installer evidence data, causing applications to miss usage. This release resolves this issue.
Bundled software version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected FlexNet Inventory Agent versions |
|---|---|---|
libcurl | 8.17.0 | 23.0.0 to 25.0.0 |
libxslt | 1.1.45 | All previous versions of the agent |
| github.com/sigstore/fulcio and github.com/containernetworking/plugins Components used by the Podman monitor | N/A | 22.4.0 to 25.0.0 |
| golang.org/x/crypto A component used by the Kubernetes agent and the Podman monitor | N/A | All previous versions of the agent |
FlexNet Inventory Agent Release 25.0.0
Windows Store application installer evidence collection
Previously, the FlexNet Inventory Agent could not collect installer evidence for Windows Store (AppX/MsiX) applications, limiting detection and recognition of these apps. Now, the agent gathers installer evidence for Windows Store applications, enabling accurate identification and improved detection of these applications.
Process inventory for improved application detection
Previously, process inventory data collected by the agent was limited, making it difficult to accurately match running processes to recognized applications. Now, the agent gathers more detailed process information across supported platforms and uses this data as additional evidence for application detection.
Fix for event stream reconnection in fnms-docker-monitor
Affected FlexNet Inventory Agent versions: 15.0.0 to 24.4.0
Previously, there was an issue where the fnms-docker-monitor service could not reliably reconnect to the event stream after the Docker daemon was restarted on systems running k3s and Docker. This release resolves this issue, ensuring that event monitoring continues smoothly following a Docker restart.
Fix for agent service management on Linux platforms
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where agent installation on Linux systems used the older init.d service manager, even on platforms where init.d is deprecated and systemd is available. This release resolves the issue by ensuring the agent prioritizes systemd for service management whenever it is present.
Fix for duplicate computer name in web metering output
Affected FlexNet Inventory Agent versions: 24.1.1 to 24.4.0
Previously, there was an issue where the computer name was duplicated in the account field of the web metering file when users accessed a device via Remote Desktop. This caused account names to appear incorrectly, such as "ComputerName\ComputerName\UserName". This release resolves the issue.
Fix for removal of Docker Monitor service during agent upgrade
Affected FlexNet Inventory Agent versions: 23.0.0 to 24.4.0
Previously, there was an issue where the Flexera Inventory Docker Monitor service (fnms-docker-monitor.exe) was unexpectedly removed when upgrading the Windows agent from version 22.4 (2024 R1.4) or earlier to 23.0 (2024 R2) or later. This release resolves the issue.
Fix for agent startup after reboot on SUSE Linux
Affected FlexNet Inventory Agent versions: 13.2.0 to 24.4.0
Previously, there was an issue where the agent would not start automatically after a reboot on SUSE Linux systems using systemd, such as SUSE Linux Enterprise 15. This release resolves the issue.
Bundled software version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected FlexNet Inventory Agent versions |
|---|---|---|
OpenSSL | 3.0.18 | All previous versions of the agent |
| http://github.com/opencontainers/selinux Library used by the Podman monitor | N/A | 22.4.0 to 24.4.0 |
| http://github.com/opencontainers/runc Library used by the Podman monitor | N/A | 24.0.0 to 24.4.0 |
FlexNet Inventory Agent Release 24.4.0
Dependency removal from Linux agent
Affected FlexNet Inventory Agent versions: 23.0.0 to 24.3.0
Previously, the Linux agent relied on the external librt.so library, which was introduced during an upgrade to use curl. In this release, this dependency has been removed. This enhancement simplifies deployment and improves compatibility across different environments by reducing external library requirements.
Enhanced agent service startup dependency handling
Previously, agent services running in Least Privilege Operation mode could attempt to start before the required LDAP user account was available, leading to startup failures if the LDAP service was not yet connected. Now, the agent services will check for the availability of the user account before proceeding with startup. This enhancement provides more reliable agent initialization and reduces errors related to service dependencies.
Enhanced diagnostic logging for agent connection errors
Affected FlexNet Inventory Agent versions: 23.0.0 to 24.3.0
Previously, when the FlexNet Inventory Agent encountered a WinHttpSendRequest error 12175 ("A security error occurred"), the log messages provided limited information, making it difficult to identify the root cause and resolve connection issues. Now, the agent reports additional diagnostic details from the WinHTTP library to the trace log. This enhancement helps users and support teams resolve connectivity problems more efficiently.
Fix for case sensitivity in beacon GUID handling
Affected FlexNet Inventory Agent versions: 22.2.0 to 24.3.0
Previously, there was an issue where beacon details in the agent configuration could be incorrectly deleted if the agent received the same beacon's GUID in a different letter case (uppercase vs. lowercase) when fetching policy from a different beacon. This release resolves this issue.
Fix for username detection in Least Privilege Operation mode with unresolved LDAP users
Affected FlexNet Inventory Agent versions: 19.4.0 to 24.3.0
Previously, there was an issue where the agent could not resolve the username when running in Least Privilege Operation mode if the system was not correctly configured for LDAP users, resulting in failures to identify the running user. This release resolves this issue.
Fix for IPv6 address handling in agent communication
Affected FlexNet Inventory Agent versions: 23.0.0 to 24.3.0
Previously, there was an issue where the agent failed to communicate with beacons when using IPv6 addresses in the URL, resulting in errors such as "The URL is invalid" during file uploads. This release resolves this issue.
Fix for duplicate physical shared pool creation in Linux LPARs
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where Linux LPARs assigned the same value (the Shared Pool ID) to both SharedPoolID and PhysicalSharedPoolID, causing inventory from virtual machines on different shared pools to create duplicate physical shared pool entries in IT Asset Management. This release resolves this issue by hardcoding the PhysicalSharedPoolID as 0, aligning the behavior with the AIX agent.
Fix for agent service startup on SUSE Linux servers
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where agent services could fail to start on SUSE Linux servers, resulting in errors such as "/etc/init.d/ndtask: line 181: daemon: command not found." This release resolves this issue.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected FlexNet Inventory Agent versions |
|---|---|---|
libcurl | 8.16.0 | 23.0.0 to 24.3.0 |
libxml2 | 2.13.9 | All previous versions of the agent |
Expat | 2.7.3 | All previous versions of the agent |
github.com/containers/podman/v5 The library used by the Podman monitor | N/A | 22.4.0 to 24.3.0 |
FlexNet Inventory Agent Release 24.3.0
Scanning exclusion for on-demand files from macOS inventory
Previously, the agent on macOS would attempt to scan all files, including those marked as "on-demand" by OneDrive, which could trigger the download of files not actually present on the device. Now, the agent detects and ignores files that are only available in the cloud and not present on disk, excluding them from the file scan process. This enhancement prevents unnecessary files from being downloaded during a scan and improves system performance.
Fix for recognition of non-English db2licm output in the least privilege operation mode
Affected FlexNet Inventory Agent versions: 17.0.0 to 24.2.0
Previously, there was an issue where the FlexNet Inventory Agent running in the least privilege operation mode could not recognize IBM DB2 license information if the db2licm tool output was in a language other than English. This release resolves this issue.
Fix for case-sensitive handling of "ManageSoftDL" in beacon URLs
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where only the exact and case-sensitive version of "ManageSoftDL" was recognized when validating and modifying beacon URLs. This meant that other case variations were not properly handled, potentially causing configuration problems for users. This release resolves this issue. Now, all case-insensitive versions of the "managesoft" string are supported in beacon URL validation and modification.
Fix for missing Kubernetes images in the All Containers view
Affected FlexNet Inventory Agent versions: 17.0.1 to 24.2.0
Previously, there was an issue where some Kubernetes images were not displayed in the All Containers view if the system could not retrieve all image details from the cluster's node status. This release resolves this issue. Now, images not found via the standard node API are also reported and visible.
Fix for mgsusageag process stability on RHEL servers
Affected FlexNet Inventory Agent versions: 22.4.0 to 24.2.0
Previously, there was an issue where the mgsusageag process would unexpectedly terminate with segmentation faults on some RHEL 7.7 servers, particularly those under high load. This release resolves this issue.
Fix for ndtrack.sh extraction on read-only file systems
Affected FlexNet Inventory Agent versions: 17.0.1 to 24.2.0
Previously, there was an issue where ndtrack.sh could not extract files to /var/tmp if the container's root file system was read-only. This release resolves this issue.
Vulnerabilities addressed in the Kubernetes agent
Affected FlexNet Inventory Agent versions: 24.0.0 to 24.2.0
The Kubernetes agent has been updated to address security vulnerabilities in the k8s.io/kubernetes component.
FlexNet Inventory Agent Release 24.2.0
Scanning exclusions for Projected Filesystems from Windows inventory
Previously, the agent's exclusion capabilities were limited to file path based rules, which could not reliably prevent scanning of Projected Filesystem mounts placed anywhere in the filesystem. Now, the agent detects Projected Filesystem folders and files in Windows inventory, excluding those not present on disk from the file scan process. This enhancement prevents unnecessary files from being downloaded during a scan and improves system performance.
Scanning exclusion for on-demand files from Windows inventory
Previously, the agent would attempt to scan all files, including those marked as "on-demand" by OneDrive, which could trigger the download of files not actually present on the device. Now, the agent detects and ignores files that are only available in the cloud and not present on disk, excluding them from the file scan process. This enhancement prevents unnecessary files from being downloaded during a scan and improves system performance.
Fix for certificate revocation validation error reporting
Affected FlexNet Inventory Agent versions: 22.2.0 to 24.1.1
Previously, there was an issue where certificate validation errors were not reported if certificate revocation checking was enabled and no Certificate Revocation Lists (CRLs) could be downloaded on Unix-like systems. This release resolves this issue.
Fix for recognition of non-English db2licm output
Affected FlexNet Inventory Agent versions: 17.0.0 to 24.1.1
Previously, there was an issue where the FlexNet Inventory Agent could not recognize IBM DB2 license information if the db2licm tool output was in a language other than English. This release resolves this issue when the agent is run as root.
When running in the least privilege operation mode, recognition of non-English db2licm output may still be limited due to permissions constraints.
Fix for Podman monitor handling of user IDs above 2000
Affected FlexNet Inventory Agent versions: 22.4.0 to 24.1.1
Previously, there was an issue where the fnms-podman-monitor module did not gather Podman container or image details if the running user ID was greater than 2000. This release resolves this issue.
Fix for IBM Z layer naming in inventory reports
Affected FlexNet Inventory Agent versions: 19.2.0 to 24.1.1
Previously, there was an issue where IBM Z hypervisor layers without a name were incorrectly assigned the name of their parent layer in inventory reports. This could cause confusion by displaying duplicate names for different layers. This release resolves this issue.
Fix for Docker monitor installation on unsupported Windows systems
Affected FlexNet Inventory Agent versions: 14.3.0 to 24.1.1
Previously, there was an issue where the FlexNet Inventory Agent attempted to install the Docker monitor service on Windows operating systems that do not support Docker, such as 32-bit Windows or versions prior to Windows Server 2016. This could result in installation failures and unnecessary errors. This release resolves this issue.
Fix for unnecessary server certificate subject name checking
Affected FlexNet Inventory Agent versions: 23.5.0 to 24.1.1
Previously, there was an issue where the FlexNet Inventory Agent for Unix-like operating systems would still check that the server certificate's subject name matched the server name, even when server certificate verification was disabled (CheckServerCertificate=False). This could cause unnecessary connection failures if the certificate did not match the server name or IP address. This release resolves this issue.
Fix for image pull secret handling in KRM HELM chart
Affected FlexNet Inventory Agent versions: 21.5.0 to 24.1.1
Previously, there was an issue where the KRM HELM chart did not process the image pull secret required for pulling the KRM controller image from a private registry, even though the monitor and node components worked as expected. This release resolves this issue.
Fix for content type setting for non-zipped file uploads
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the FlexNet Inventory Agent did not correctly set the content type property when uploading non-zipped file types to the beacon. This could lead to improper handling of uploaded files. This release resolves this issue.
Fix for proxy configuration priority
Affected FlexNet Inventory Agent versions: 23.0.0 to 24.1.1
Previously, there was an issue where the FlexNet Inventory Agent did not use the proxy settings configured under the beacon's proxy key, and instead only used the values set under the configuration keys. This made it unclear which proxy settings would take effect and could lead to connectivity problems. This release resolves this issue. The agent now prioritizes the beacon's proxy key, and only falls back to the configuration keys if the beacon's proxy key is not set.
Fix for package registry file path logging in tracker log
Affected FlexNet Inventory Agent versions: 19.1.0 to 24.1.1
Previously, there was an issue where the FlexNet Inventory Agent did not display the paths to detected package registry files (such as .com.zerog.registry.xml) in the tracker.log file, and this information was only available in the more detailed trace log. This behavior made it harder for users to track these files. This release resolves this issue. Paths to package registry files are now correctly shown in the tracker.log file.
Fix for Windows Update search timeout support
Affected FlexNet Inventory Agent versions: 24.1.0 to 24.1.1
Previously, the FlexNet Inventory Agent did not apply the configured timeout setting when searching for Windows Updates, which could result in the agent hanging or taking longer than expected during update scans. This release resolves this issue. The agent now respects the SoftwareUpdateScanTimeoutSeconds setting when performing Windows Update searches.
Fix for agent hanging on inaccessible network mounts
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the FlexNet Inventory Agent could hang indefinitely when attempting to scan network mounts that were inaccessible, such as unresponsive NFS shares. This release resolves this issue.
Fix for missing machine type in first agent inventory scan
Affected FlexNet Inventory Agent versions: 17.2.0 to 24.1.1
Previously, there was an issue where the FlexNet Inventory Agent did not report the machine type the first time it ran on a new machine. This release resolves this issue. The agent now correctly reports the machine type on the initial scan after installation.
Security vulnerabilities addressed
Affected FlexNet Inventory Agent versions: 24.1.0 to 24.1.1
The http://github.com/docker/docker library used by the Docker and Podman monitors and the Kubernetes Agent has been updated in this release to address security vulnerabilities.
FlexNet Inventory Agent Release 24.1.1
Support for SaaS web metering
This feature requires FlexNet Beacon version 24.1.1 or higher.
The FlexNet Inventory Agent now supports SaaS web metering on Windows and Mac devices. With this new feature, usage data on SaaS applications can be collected and used for further license optimization. Specific web browser extensions are required to use this feature. For more information, see Agent-based browser extensions.
Enhanced macOS application recognition
The FlexNet Inventory Agent for macOS has been enhanced to collect publisher details, improving software recognition and accuracy.
Fix for an issue with Podman and Docker monitor services
Affected FlexNet Inventory Agent versions: 23.5.0 to 24.1.0
Previously, the FlexNet Inventory Agent would not enable and start the Podman and Docker monitor services, causing containers not being inventoried. This release resolves this issue. The services will now be correctly enabled and started after installation.
FlexNet Inventory Agent Release 24.1.0
Enhanced OS update visibility
The FlexNet Inventory Agent can now gather security-related software update information on Red Hat Enterprise Linux, macOS, and Windows environments. On Red Hat Enterprise Linux and macOS, this includes available security-related software updates. On Windows, this includes both available and already installed security-related software updates.
Enhanced HELM chart versioning
Previously, the HELM chart for Flexera KRM and LWK container agents could be updated without a corresponding version number change, as only the image tag was modifed. Now, the HELM chart version is incremented with every release, even when only the image tag changes. This enhancement improves version transparency and ensures users can reliably identify updates to the HELM chart.
Fix for an issue of incomplete certificate revocation list (CRL) retrieval
Affected FlexNet Inventory Agent versions: 23.0.0 to 24.0.0
Previously, there was an issue where the FlexNet Inventory Agent did not always retrieve all necessary certificate revocation lists (CRLs) during communication with Beacons, which could lead to incomplete certificate validation and potential connection failures. This release resolves this issue by ensuring the agent loads all relevant certificates and their associated CRLs, improving security and reliability for authentication and validation processes.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected FlexNet Inventory Agent versions |
|---|---|---|
libcurl | 8.14.1 | 23.0.0 to 24.0.0 |
libxml2 | 2.13.8 | All previous versions of the agent |
| k8s.io/kubernetes A component used by the Kubernetes agent | N/A | 24.0.0 |
podman docker Libraries used by the Podman monitor | N/A | 22.4.0 to 24.0.0 |
FlexNet Inventory Agent Release 24.0.0
Improved upload process
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the ndupload component contained unused code and lacked process priority optimization. This release removes the unused code and introduces a "low profile" mode with adjusted niceness level. Niceness is a value that influences how much CPU time a process receives compared to other processes. These changes optimize the upload process.
Fix for disk size reporting issue on AIX systems
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue with the FlexNet Inventory Agent on AIX systems where reported disk sizes were approximately 95% of the actual size. This release resolves this issue.
Fix for Windows policy bootstrap failure
Affected FlexNet Inventory Agent versions: 22.2.0 to 23.5.0
Previously, there was an issue where the scheduler failed to invoke flxconfig.exe on Windows to bootstrap policy after boot if no schedule was installed. This was due to the RetryPolicyCommand preference value being resolved incorrectly. This release resolves this issue.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: 21.5.0 to 23.5.0
The golang.org/x/net component used in the Docker monitor has been updated in this release to address security vulnerabilities.
FlexNet Inventory Agent Release 23.5.0
Windows DEP and ASLR security policy compliance
Affected versions: All previous versions of the agent
Previously, the FlexNet Inventory Agent processes were not fully aligned with DEP and ASLR best practices on Windows. Now, these processes have been updated to comply with Windows DEP and ASLR policies. This enhancement provides improved security.
Improved process scan performance on Unix
Affected FlexNet Inventory Agent versions: 22.2.0 to 23.4.0
Previously, the FlexNet Inventory Agent checked the same executable file repeatedly for multiple running processes on Unix systems. Now, the agent caches file checks, reusing results for multiple processes. This enhancement provides more efficient scanning performance.
Fix for the agent configuration access issue
Affected FlexNet Inventory Agent versions: 23.0.1 to 23.4.0
Previously, there was an issue for on-premises users where the agent configuration endpoint was placed under the inventory-beacons, requiring Windows authentication that agents could not provide if the beacon was installed on the same server as the application. This release resolves the issue. The agent now uses the ManageSoftDL endpoint instead of the inventory-beacons endpoint to download configuration.
Fix for missing Kubernetes event notification
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the Standard Flexera Kubernetes Inventory Agent (also known as the "full" Flexera Kubernetes inventory agent) did not receive an event when new images were added to a node on VMware Tanzu Kubernetes. This release resolves this issue.
Fix for Podman monitor failure on Oracle Linux 6
Affected FlexNet Inventory Agent versions: 22.4.0 to 23.4.0
Previously, there was an issue where the fnms-podman-monitor service failed to start on Oracle Linux 6 because that operating system does not support Podman. This release resolves this issue by preventing installation of the Podman monitor service on Oracle Linux 6.
Fix for the issue with IPv6 subnet value reporting
Affected FlexNet Inventory Agent versions: 23.4.0
Previously, there was an issue where the IPv6 subnet value was not reported in the network device inventory (NDI) data. This release resolves this issue.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated to address security vulnerabilities.
| Library | Affected FlexNet Inventory Agent versions |
|---|---|
| golang.org/x/net A component used by the Podman monitor and Kubernetes agent | Version 17.4.0 onwards |
Expat | All previous versions of the agent |
libxslt | All previous versions of the agent |
FlexNet Inventory Agent Release 23.4.0
Support for "LowProfile" mode setting in flxconfig
Affected FlexNet Inventory Agent versions: 22.2.0 to 23.3.0
Previously, the flxconfig module did not support the LowProfile mode option. Now, flxconfig checks for and implements the "LowProfile" setting. This enhancement allows for better resource management.
Improved BIOS information collection on Solaris
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the FlexNet Inventory Agent did not include ReleaseDate and Version in the MGS_BIOS class on Solaris. Now, the FlexNet Inventory Agent collects and includes this information in the Solaris NDI. This enhancement provides more comprehensive BIOS data for Solaris systems.
Fix for expired client certificate handling on Windows
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the FlexNet Inventory Agent on Windows, when configured to use mutual TLS, could potentially use expired client certificates from the local certificate store. This release resolves this issue.
Fix for NetSelector configuration in flxconfig
Affected FlexNet Inventory Agent versions: 22.2.0 to 23.3.0
Previously, flxconfig did not parse the NetSelector setting from the agent_config.json file received from the beacon or write the setting to the registry. This release resolves this issue.
Fix for invalid flxrasvc user account creation on macOS
Affected FlexNet Inventory Agent versions: 19.4.0 to 23.3.0
Previously, there was an issue where an invalid flxrasvc user account was created when installing the FlexNet Inventory Agent in Least Privilege Operation mode on a macOS computer if any user name on the computer contained a space. This release resolves this issue.
Fix for high CPU usage during inventory scanning
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where ndtrack processes doing high-frequency inventory scanning could use 100% CPU and run for extended periods if the previous inventory file contained a large amount of file content. This release resolves this issue.
Fix for manual start of Daily Heartbeat Schedule
Affected FlexNet Inventory Agent versions: 22.2.0 to 23.3.0
Previously, there was an issue where manually starting the Daily Heartbeat Schedule would fail. This release resolves this issue.
Fix for PreferenceUpdatePeriod preference
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the Usage agent preference "PreferenceUpdatePeriod" was not working correctly on Unix-like operating systems, potentially preventing timely rotation of the usageagent.log file. This release resolves this issue.
Fix for repeated execution of mgspkgdb
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue where the mgspkgdb process could be executed repeatedly in a tight loop by the Usage agent. This release resolves this issue.
Fix for MgsUsageag sleep time calculation
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue with the function in the MgsUsageag process that determines how long it should sleep, causing the Usage agent log file to grow rapidly. This release resolves this issue.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: 16.4.0 to 23.3.0
The golang.org/x/net and containerd components used in the Kubernetes agent and Podman monitor have been updated in this release to address security vulnerabilities.
FlexNet Inventory Agent Release 23.3.0
New support for multiple bootstrap locations during agent deployment
Affected FlexNet Inventory Agent versions: 22.2.0 to 23.2.0
In this release, flxconfig has been updated to support multiple bootstrap locations during agent deployment. This enhancement provides greater flexibility in configuring agents, aligning its functionality with the older mgspolicy/ndlaunch tool.
New Java executable timeout option
Affected FlexNet Inventory Agent versions: 13.3.0 to 23.2.0
Previously, Java executables run during inventory gathering could intermittently hang with 100% CPU usage, leading to ndtrack inventory gathering processes hanging. Now, the agent has a configurable timeout option when launching a Java binary. This enhancement provides better control over inventory gathering processes, preventing indefinite hangs and improving overall system performance.
New support for network adapter speed and duplex collection on Solaris, AIX, and macOS
Previously, the collection of network adapter speed and duplex information was not supported on Solaris, AIX, and macOS platform. Now, support has been added for these platforms. This enhancement provides more comprehensive network information.
Fix for an issue with case-sensitive file scan listener comparison
Affected FlexNet Inventory Agent versions: 22.0.0 to 23.2.0
Previously, there was an issue where case-sensitive comparison for file scan listeners was not working correctly on macOS. File names such as "Info.plist" and "info.plist" were not correctly distinguished. This release resolves this issue.
Fix for the issue with TCPKeepAlive property collection for macOS in the least privilege operation mode
Previously, there was an issue where the macOS inventory agent configured in the least privilege operation mode did not return the TCPKeepAlive property as part of the NDI. This release resolves this issue.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected FlexNet Inventory Agent versions |
|---|---|---|
| OpenSSL | 3.0.16 | All previous versions of the agent |
| libcurl | 8.12.0 | 23.0.0 onwards |
| Kubernetes Documentation A library use by the Kubernetes agent | N/A | KRM 1.7.9 and LWK 1.6.6 onwards |
| go-jose A component used by the Podman monitor | N/A | 22.4.0 onwards |
FlexNet Inventory Agent Release 23.2.0
New error logging in the K8s agent during IBM license service configuration
Affected Flexera Kubernetes Inventory Agent versions: All previous versions of the agent
Previously, the K8s agent did not log error messages it failed to resolve the IBM license service configuration. Now, an error log is generated whenever an error is detected during the IBM license service detection. This enhancement provides better visibility and troubleshooting.
New detection of TufinOS
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the FlexNet Inventory Agent did not detect and report the operating system details for TufinOS. Now, the agent can accurately report TufinOS in the NDI (Operating System information node).
Enhanced data collection
Affected FlexNet Inventory Agent versions: All previous versions of the agent
From this release, the FlexNet Inventory Agent supports the collection of the following data:
-
Uptime
-
File system properties
-
Network adapter speed and duplex on the Linux agent
Fix for the issue of executing non-executable Java binaries on Unix-like systems
Affected FlexNet Inventory Agent versions: 16.2.0 to 23.1.0
Previously, there was an issue on Unix-like operating systems where the ndtrack process might attempt to execute files named "java" that were not marked as executable, leading to permission denied errors. This release resolves this issue.
Fix for the issue of ndtrack.exe crashing during Oracle FMW inventory report gathering
Affected FlexNet Inventory Agent versions: 16.2.0 to 23.1.0
Previously, there was an issue during Oracle FMW inventory report gathering where the ndtrack process would crash if a WMI query returned "Invalid class". This release resolves this issue.
Fix for the issue of excessive directory permissions
Affected FlexNet Inventory Agent versions: 22.4.0 to 23.1.0
Previously, there was an issue where the /var/opt/managesoft/cache/ directory created during the installation of FlexNet Inventory Agent had higher than necessary permissions, allowing write access for group and others. This release resolves this issue and the directory permissions have been adjusted to the minimum required level.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated to address security vulnerabilities.
| Library | Affected FlexNet Inventory Agent versions |
|---|---|
| GitHub - golang/glog Leveled execution logs for Go library used in the container agent | KRM 1.7.1 and LWK 1.5.8 onwards |
Buildah A library used in the Podman monitor | Version 23.1 onwards |
FlexNet Inventory Agent Release 23.1.0
Support for generating and uploading NDI files with non-ASCII characters in filenames
Affected FlexNet Inventory Agent versions: All previous versions of the agent
This enhancement is available with FlexNet Beacon version 23.1.0 and later
Previously, the FlexNet Inventory Agent and FlexNet Beacon may fail to upload files with non-ASCII characters in filenames. From this release, the FlexNet Inventory Agent and FlexNet Beacon support generating and uploading NDI files with non-ASCII characters in filenames.
Support for Oracle 23ai
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the FlexNet Inventory Agent did not identify Oracle 23ai instances because the process name of Oracle 23ai followed a different convention from other Oracle database processes. In this release, the FlexNet Inventory Agent has been updated to support the identification of Oracle 23ai by checking for the new process names.
Ability to specify the cluster name in the Flexera Kubernetes Agent Helm chart
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, users were not able to specify the name of a cluster in the Flexera Kubernetes Agent Helm chart. As Kubernetes does not have a native naming mechanism, the agent uses a variety of strategies to discover an appropriate name for the cluster; however, these strategies were not consistently reliable. Now, you can use the new parameter clusterName to bypass the discovery process and directly assign a meaningful and easily recognizable name for a cluster.
The cluster name specified by the clusterName parameter is for display purposes only, and the cluster is identified internally by a unique ID. For more information about the new parameter, see Full Flexera Kubernetes Agent Helm chart configuration and installation in the Flexera One Help.
Exclusion of Windows Docker image layer directory
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, for Linux platforms, certain directories were excluded from scanning to avoid scanning the contents of Docker and Podman image layers. However, this exclusion did not extend to Windows. In this release, the agent's default preferences have been updated to also exclude the Windows Docker image layer directory from scanning.
Additional attributes being collected
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Additional inventory attributes are now collected by the FlexNet Inventory Agent to support the reporting of these attributes in IT Visibility with Technology Intelligence Platform.
Fix for the failed execution of getSystemId.exe when ndtrack.exe is executed standalone or through remote execution
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, execution of getSystemId.exe would fail with a "File Not Found" error when ndtrack.exe was executed standalone or through remote execution. This release resolves this issue.
Fix for the issue of inventory gathering hang during Oracle FMW scan of binary config.xml files
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the agent encountered issues when trying to parse /var/opt/ds_agent/filter/config.xml, which matched an Oracle FMW rule by filename. The binary contents were processed as if the file were an XML file, causing inventory gathering to hang. This release solves this issue.
Fix for an uninstallation issue with the least privilege operation mode
Affected FlexNet Inventory Agent versions: 19.4 to 23.0
Previously, if the FlexNet Inventory Agent was installed in the least privilege operation mode, the flxrasvc user account and its associated group would not be removed upon the uninstallation of the agent. This issue was observed on Rocky Linux 9 and Ubuntu 20. This release solves this issue.
Fix for the issue of blank agent ID values for AWS Windows EC2 instances
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, due to the agent using a version of an internal library that did not have support for specific property detection within AWS Windows EC2 instances, an empty agent ID value was returned. This release solves this issue.
Fix for the issue of wrong hardware information and VPC consumption for VM Linux on power (LOP)
Affected FlexNet Inventory Agent versions: 17.4 to 23.0
Previously, the agent was reading Maximum Virtual CPUs instead of Online Virtual CPUs from the lparstat -i output, leading to incorrect hardware information and VPC consumption reporting for VM Linux on Power (LOP). This release solves this issue.
Fix for the custom log file path configuration issue with the Windows agent installer
Affected FlexNet Inventory Agent versions: 22.2 to 23.0
In some previous releases, when installing the Windows agent, users were not able to configure custom path for the agent log file agent_configuration.log by using the mgssetup.ini file. This release solves this issue.
Fix for incorrect core count on AWS EC2 ARM-based instances
Affected FlexNet Inventory Agent versions: 20.3 to 23.0
In some previous releases, the agent reported the Core(s) per socket value per processor instead of a single core per processor, which led to incorrect core counts on AWS EC2 ARM-based instances. This release solves this issue.
Fix for the issue with wrong permissions for the systemd service files
Affected FlexNet Inventory Agent versions: 19.4 to 23.0
In some previous releases, the FlexNet Inventory Agent installer set the permission for the systemd service files to a wrong value. This release solves this issue.
Third party libraries version updated
Affected FlexNet Inventory Agent versions: See the following table for details
The following third party libraries bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities.
| Library | New version | Affected FlexNet Inventory Agent versions |
|---|---|---|
anstream | 0.6.18 | All previous versions of the agent |
Expat | 2.6.4 | All previous versions of the agent |
libcurl | 8.11.1 | 23.0 |
| GitHub - containers/buildah: A tool that facilitates building OCI images A component used by the Podman monitor | N/A | 22.4 to 23.0 |
| golang.org/x/crypto A component used by the Kubernetes agent and the Podman monitor | N/A | All previous versions of the agent |
FlexNet Inventory Agent Release 23.0.1
Support for TLS 1.3
This feature is available with FlexNet Beacon version 23.0.1 and later
In this release, the FlexNet Inventory Agent has been upgraded to support TLS 1.3. It integrates with beacon servers configured for either TLS 1.3 or TLS 1.2, enhancing secure communication as well as offering flexibility.
Communication libraries updated
The FlexNet Inventory Agent has been upgraded to use the libcurl library for the UNIX platforms and WinHTTP for Windows. This enhancement ensures that the FlexNet Inventory Agent remains up to date with modern network standards and protocols. As a result, the SSLOCSPCacheLifetime and SSLOCSPPath settings are no longer needed and have been removed. Additionally, the PrioritizeRevocationChecks setting has been updated.
Fix for an issue with incorrect directory and file permissions
Affected FlexNet Inventory Agent versions: 22.0.0 to 22.4.0
Previously, there was in issue where directories and files could be created with excessively high permissions. This release resolves this issue.
Fix for an issue with the Linux agent installation process
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the Linux agent installation process did not start the services using the systemctl command. This caused the systemctl "status" command to indicate "Active: inactive (dead)" unless the device was rebooted, or the services were manually started via systemctl after the installation. From this release, the systemctl "status" command will now report "Active: active (running)" when services status is queried after installation.
Fix for an issue with the installation for the least privilege operation mode
Affected FlexNet Inventory Agent versions: 22.4.0
Previously, there was an issue where installing agent version 22.4.0 in least privilege operation mode would result in incorrect permissions being set on the tracker directory. This release resolves this issue.
Fix for an issue with the detection of IBM WebSphere Application Server
Affected FlexNet Inventory Agent versions: 19.0.0 to 22.4.0
Previously, there was an unnecessary dependency where detection of IBM WebSphere Application Server via installer evidence based on the IBM Installation Manager (IIM) required file scanning to be enabled, which could cause the IBM WebSphere Application Server not being detected as expected. This release resolves this issue.
Security vulnerabilities addressed
Affected FlexNet Inventory Agent versions: 22.4.0
Several security vulnerabilities in the third-party libraries used by the Podman monitor have been addressed.
FlexNet Inventory Agent Release 22.4.0
Enhanced software discovery for Unix-like platforms using running process tracking
Previously, software discovery on Unix-like platforms was inefficient and imprecise, with traditional scans generating excessive irrelevant file evidence. This led to poor visibility, identifying only about 10% of installed software, and required manual identification as the only alternative.
In this release, a new approach to software discovery on Unix-like platforms has been introduced to tackle the inefficiencies of traditional scanning methods. This approach uses running process tracking to identify installed software on Unix-like platforms, building a cache to validate and report software paths, thereby reducing irrelevant data collection. This new feature significantly improves the accuracy and relevance of software identification.
Fix for an issue with KubeVirt information collection
Affected Flexera Kubernetes Inventory Agent versions: 21.5.0 to 22.3.0
Previously, there was an issue with collecting KubeVirt information in the Flexera Kubernetes Inventory Agent, which could cause .ndi files not being uploaded. This release resolves this issue.
Bundled software versions updated
Affected FlexNet Inventory Agent versions: All previous versions of the agent
The following pieces of non-commercial software bundled with the FlexNet Inventory Agent have been updated in this release to address security vulnerabilities:
-
OpenSSLhas been upgraded to version 3.0.15. -
The
Expatutility, used for parsing streams of XML data, has been upgraded to release 2.6.3.
FlexNet Inventory Agent Release 22.3.0
Fix for an issue with the IncludeExtension preference
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, when the IncludeExtension preference was used to include files with the specified extensions, the FlexNet Inventory Scanner incorrectly checked the file extension in a case-sensitive manner instead of the intended case-insensitive manner. As a result, some file evidence might not have been captured. This release resolves this issue.
Fix for the issue of unnecessary scanning of excluded directories
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, directories resolved from symbolic links were still scanned even if they were excluded by directory name or file system mount. Although the files and subdirectories within these excluded directories were eventually excluded, the unnecessary processing reduced efficiency. This release resolves this issue.
Fix for an issue in the Helm chart
Affected Flexera Kubernetes Inventory Agent versions: All previous versions of the agent
Previously, there was an issue in the Helm chart that prevented the namespace from being applied in the krm-chart/templates/flexera-krm.yaml file. This release resolves this issue.
Bundled software version updated
Affected FlexNet Inventory Agent versions: All previous versions of the agent
The libxml2 utility, used for parsing XML documents, has been upgraded to release 2.11.9 to address known security vulnerabilities.
FlexNet Inventory Agent Release 22.2.0
If you choose to upgrade to FlexNet Inventory Agent version 22.2.0 and later, you MUST also upgrade your FlexNet Beacon to version 22.2.0 and later. FlexNet Inventory Agent versions 22.1.0 and older will continue to work with FlexNet Beacon versions 22.2.0 and later. For customers who use the self-upgrade functionality for agents and beacons, self-upgrade to FlexNet Inventory Agent versions 22.2.0 and later is available from version 22.2.0 of the FlexNet Beacon onwards.
The FlexNet Inventory Agent can be configured using flxconfig
This feature is available with FlexNet Beacon version 22.2.0 and later
In this release, the FlexNet Inventory Agent has been updated with a new component called flxconfig to handle agent configuration. flxconfig is a simplified implementation of agent configuration that allows for greater security and replaces the existing mgspolicy and ndlaunch components.
Both the mgspolicy and ndlaunch components will continue to be included in the agent installation; however, they are now considered obsolete and will no longer be used from version 22.2.0 onwards (for example, by the agent schedule). These components will be removed from the FlexNet Inventory Agent at some point in the future.
Increased security for downloading the FlexNet Inventory Agent
From this release, the FlexNet Inventory Agent will only download and install upgrade packages from the FlexNet Beacon where the digital signature can be successfully verified. This feature provides enhanced security measures for data obtained by an agent for inventory or upgrade purposes.
Support for downloading and automatically upgrading the FlexNet Inventory Agent on Debian-based Linux distributions
From this release, you can download the FlexNet Inventory Agent for Debian-based Linux distributions and choose whether to enable or disable its automatic upgrade, similar to installations and upgrades of the FlexNet Inventory Agent for other selected operating systems. To download the Debian-based Linux distributions inventory agent, go to the Installers page (Data Collection > Common Inventory Tasks > Installers) and select the agent installer for the intended platform. To enable or disable the automatic upgrade, go to the Agent Configurations page (Data Collection > Common Inventory Tasks > Agent Configurations), edit or create an agent configuration, go to the Manage version section on the Inventory Agent Options tab, select Automatically by platform, and select or clear the checkbox for the intended platform.
For FlexNet Inventory Agent version 22.2.0, the first upgrade of a Debian environment still needs to be done manually. Subsequent Debian-based automatic upgrades will ensue following the first manual upgrade.
Enhancement with filtered macOS bundle data for the FlexNet Inventory Agent on macOS
From this release, macOS bundle data is filtered for the FlexNet Inventory Agent on macOS, using pattern matching and regular expressions, to exclude data of operating system or Apple bundles that is not useful for inventory purposes. This enhancement significantly improves relevant installer evidence data collection and normalization efficiency.
A new setting ExcludeBundlePath is provided to control the exclusion behavior. It uses semicolon-delimited values for each filter expression. The default exclusions include the following regular expressions:
-
Paths starting with /System/Library, /System/DriverKit, or /System/iOSSupport:
^/System/(?:Library|DriverKit|iOSSupport) -
Paths starting with /System/Volumes/Update or /System/Volumes/Preboot:
^/System/Volumes/(?:Update|Preboot) -
Paths containing /private/var/root/.Trash:
/private/var/root/.Trash/ -
Paths starting with /Library/Developer or /Library/Apple that are a framework, xpc, or bundle:
^/Library/(?:Developer|Apple)/(?:.+)/(?:[^/]+).(?:framework|xpc|bundle)$ -
Paths starting with /usr:
^/usr -
Xcode framework bundle paths:
^/Applications/Xcode.app/(?:.+)/(?:[^/]+).framework$
Fix for the issue of libxslt and libxml2 parser errors being printed to the console
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, there was an issue that libxslt and libxml2 parser errors were printed to the console where the agent was running, rather than the trace log. This release resolves this issue.
Fix for an issue with Flexera Kubernetes Agent Helm chart deployments on OpenShift
Affected Flexera Kubernetes Inventory Agent versions: 21.5.0 to 22.1.0
Previously, there was an issue with the OpenShift extension where the resource name was not set correctly in the YAML file that applies the cluster role for the Flexera KRM agent when installed via a Helm chart. This release resolves this issue.
Kubernetes Inventory Agent security vulnerabilities addressed
Affected Flexera Kubernetes Inventory Agent versions: 21.5.0 to 22.1.0
A security vulnerability was discovered in a third-party library used in the Flexera Kubernetes Inventory Agent. This vulnerability has been addressed.
FlexNet Inventory Agent Release 22.1.0
Bundled software version updated
Affected FlexNet Inventory Agent versions: All previous versions of the agent
OpenSSL has been upgraded to version 3.0.14 in this release of the FlexNet Inventory Agent to address known security vulnerabilities
Fix for the issue with concurrent operations on internal maps
Affected Flexera Kubernetes Inventory Agent versions: All previous versions of the agent
Previously, the Flexera Kubernetes Inventory Agent might crash when concurrent read and write operations occurred on a map. This could happen, for example, when there were many pods that started and stopped within a short period of time causing the agent's pod event listener to access its internal maps concurrently without locking. This release resolves this issue.
FlexNet Inventory Agent Release 22.0.0
The Kubernetes Inventory Agent recognizes accurate worker node inventory for Red Hat OpenShift Container Platform clusters
The Flexera Kubernetes Inventory Agent has been enhanced to recognize accurate worker node inventory in a Kubernetes cluster for Red Hat OpenShift.
Prior to this enhancement, the Flexera Kubernetes Inventory Agent collected inventory data pertaining to the Kubernetes container, instead of collecting inventory data for the actual worker node that the Kubernetes container was deployed to.
On collecting accurate worker node inventory data, for any installed applications imported that are subscribed to and paid for, you can now license these applications accordingly by creating a license for the applications to consume against.
This enhancement is supported by the Standard Flexera Kubernetes Inventory Agent (often referred to as the "full" Flexera Kubernetes Inventory Agent), and the Lightweight Kubernetes Inventory Agent. Installer evidence will be updated to reflect new inventory, and inventory that is no longer present will be removed each and every time the Flexera Kubernetes Inventory Agent collects inventory from a Kubernetes cluster(s) in your environment.
Verified Oracle E-Business Suite (EBS) data collection can be switched on and off separately
Affected FlexNet Inventory Agent versions: 21.1.0 to 21.5.0
The FlexNet Inventory Agent has been updated to run the verified Oracle E-Business Suite (EBS) queries separately. This update is to support the functionality of switching the verified Oracle EBS data collection on and off separately, which improves the data collection performance.
The FlexNet Inventory Agent on Windows collects the complete version information of java.exe without executing it
Affected FlexNet Inventory Agent versions: 17.4.0 to 21.5.0
Previously, the FlexNet Inventory Agent on Windows executed digitally signed versions of java.exe with SYSTEM privileges to collect information for Oracle licensing. This method could potentially pose a security risk.
The FlexNet Inventory Agent on Windows now has been updated to collect complete version information of java.exe without having to execute it, which eliminates the security risk.
Fix for an issue with the flxfsscan tracing methods
Affected FlexNet Inventory Agent versions: 21.3.0 to 21.5.0
Previously, the flxfsscan tracing methods might cause a crash if the file name being traced contained specifiers such as "%s", "%t", and so on. This release resolves this issue.
Fix for an issue with the MGS_KubernetesPod.Node property
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the MGS_KubernetesPod.Node property in an NDI was sometimes returned as an empty value on some pods running in Kubernetes. This release resolves this issue.
Fix for an issue with incorrect reporting on Kubernetes nodes
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the FlexNet Inventory Agent running on a Kubernetes node might incorrectly report some class and property where they were not supposed to be reported. This release resolves this issue.
Bundled software version updated
Affected FlexNet Inventory Agent versions: All previous versions of the agent
The libxml2 utility, used for parsing XML documents, has been upgraded to release 2.11.8.
FlexNet Inventory Agent Release 21.5.0
The Kubernetes Inventory Agent now supports deployment of Helm chart templates
The Flexera Kubernetes Inventory Agent now supports predefined out-of-the-box Kubernetes Helm chart templates. For Flexera customers who use Helm charts, this new functionality will help to accelerate the deployment of the Flexera Kubernetes Inventory Agent to your Kubernetes clusters.
Prior to this new functionality, customers were required to write complex syntax files and create their own Flexera Kubernetes Inventory Agent YAML file. From this release, after pulling the Helm chart and saving it to a directory, you only need to edit the options within the values.yaml files as needed.
Two Helm chart templates are available: one for the Full Flexera Kubernetes Inventory Agent and one for the Lightweight Flexera Kubernetes Inventory Agent.
For more information about using the new Helm chart templates, see information pertaining to Helm charts in the Online Help topic, Flexera Kubernetes Inventory Agent Configuration Examples.
Kubernetes agent and third-party library security vulnerability addressed
Affected FlexNet Inventory Agent versions: 21.1.0 to 21.4.0
A security vulnerability was discovered in a third-party library used in the Kubernetes agent. This vulnerability has been addressed.
Kubernetes agent and Docker monitor third-party library security vulnerability addressed
Affected FlexNet Inventory Agent versions: 21.4.0
A security vulnerability was discovered in a third-party library used in the Kubernetes agent and Docker monitor. This vulnerability has been addressed.
Special characters in directory names can crash the ndtrack process when the Java audit option is enabled
Affected FlexNet Inventory Agent versions: 18.6.0 to 21.4.0
The Java audit processing of a directory with a non-standard or special character in the directory name can cause the ndtrack.exe process to crash. A workaround for this issue is to exclude directories with non-standard characters.
FlexNet Inventory Agent Release 21.4.0
Fix for the issue of multiple buffer mishandling issues in the Oracle FMW script
Affected FlexNet Inventory Agent versions: 16.0.0 to 21.3.0
Previously, there was an issue where Oracle FMW data was not included in the NDI if the Oracle FMW data was greater than 16 MB in size. This release resolves this issue.
The Kubernetes agent has been enhanced to provide discovery and visibility of Red Hat OpenShift operators
The Kubernetes agent can now recognize Red Hat OpenShift operators installed on all worker nodes in a Kubernetes cluster(s) in a customer environment. When inventory is collected by the Kubernetes agent, information is mapped over and installer evidence is created for each worker node in a Kubernetes cluster.
This enhancement is supported by the Standard Flexera Kubernetes Inventory Agent (often referred to as the "full" Kubernetes Inventory Agent), and the Lightweight Kubernetes Inventory Agent. Installer evidence will be updated to reflect new inventory, and inventory that is no longer present is removed each and every time the Kubernetes agent collects inventory from a Kubernetes cluster(s) in a customer environment.
Vulnerabilities addressed in the Kubernetes agent and Docker monitor
Affected FlexNet Inventory Agent versions: All previous versions of the agent and Kubernetes agent
The google.golang.org/protobuf component used in the Kubernetes agent, and github.com/docker/docker component used in both the Kubernetes agent and Docker monitor have been updated to prevent security vulnerabilities.
Fix for the issue of the agent failing to detect disk size of NVMe storage devices on Linux devices
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, the disk size of NVMe storage devices on Linux devices was not included in collected inventory data. This release resolves this issue.
Fix for the issue of inventory not being collected from an Oracle 21C database on Windows
Affected FlexNet Inventory Agent versions: All previous versions of the agent
Previously, Ndtrack failed to gather database inventory from the Oracle 21C database on Windows. This release resolves this issue.
Bundled software versions updated
Affected FlexNet Inventory Agent versions: All previous versions of the agent
The Expat library bundled with the FlexNet Inventory Agent used for parsing streams of XML data, has been upgraded to release version 2.6.2 to prevent security vulnerabilities.
FlexNet Inventory Agent Release 21.3.0
Fix for the flxfsscan process reporting every file found during the file system scan to the flxfsscan_report file
Affected FlexNet Inventory Agent versions: 19.4.0 to 21.2.0
Previously, for FlexNet Inventory Agent versions 19.4.0 and later, the flxfsscan process would report every file found during the file system scan to the flxfsscan_report file (/var/opt/managesoft/cache/flxfsscan_report).
As per normal procedure, the flxfsscan_report file would normally be removed once processed by the ndtrack (FlexNet Inventory Agent). However, due to the flxfsscan_report file growing too large, the /var directory would run out of space and the ndtrack would subsequently fail, resulting in sizable amounts of disk space being consumed.
As part of this fix, a new FlexNet Inventory Agent preference setting called MaxFSScanReportFileSizeInMB has been added. MaxFSScanReportFileSizeInMB specifies the maximum allowed size the /var/opt/managesoft/cache/flxfsscan_report file can grow to in Megabytes (MB).
This release further resolves the issue by including file filtering into the flxfsscan process, ensuring that only files relevant to the ndtrack are processed and reported to the flxfsscan_report file, reducing the file size significantly.
Bundled software versions updated
Affected FlexNet Inventory Agent versions: All previous versions of the agent
The following pieces of non-commercial software bundled with the FlexNet Inventory Agent have been updated in this release:
-
Expat has been upgraded to release 2.6.0.
-
The libxml2 utility, used for parsing XML documents, has been upgraded to release 2.11.7.
Fix for the issue of Windows agents creating output files containing unintelligible characters
Affected FlexNet Inventory Agent versions: 21.0.0 to 21.2.0
Previously, there was an issue where output files for Windows agents failed to convert correctly on the current ANSI code page for any characters not in standard ASCII. Consequently, this caused a failure when the rest of the output file was processed. This release resolves this issue.
FlexNet Inventory Agent Release 21.2.0
Bundled software version updated
OpenSSL has been upgraded to version 3.0.13 in this release of the FlexNet inventory agent to address known security vulnerabilities.
Version updated for the runc command line tool in the Docker Monitor
The version of the runc command line tool has been upgraded to the latest secure version in order to prevent security vulnerabilities.
Fix for the issue of package installation failing when updating agent policy on Flexera One beacons
Previously, package installation attempts when updating agent policy on Flexera One beacons failed with the error, "This component has not been digitally signed by its publisher," because the VerifyCatalogSigned preference is true. This release resolves this issue.
FlexNet Inventory Agent Release 21.1.0
Fix for the issue of Oracle inventory failing when the ORACLE_HOME variable is set incorrectly
Previously, there was an issue where the FlexNet inventory agent failed to inventory when the ORACLE_HOME environment variable was not set correctly in the impersonated users profile on Unix-like operating systems. This release resolves this issue.
RPM packages for Linux architectures are now signed using SHA-2 algorithm
The RPM packages for various Linux architectures supported by the FlexNet inventory agent are now signed using a SHA-2 algorithm. An updated public key is required which can be downloaded from the PLC.
In addition to this change, Windows Vista and Windows Server 2008 are no longer supported as they do not support SHA-2 signing algorithms.
The FlexNet Inventory Agent can now encrypt NDI, DISCO, MMI and SWACC file data
The FlexNet inventory agent now has the capability to encrypt the data contained within the inventory (NDI), discovery (DISCO), usage (MMI) and client access (SWACC) files they generate. This capability encrypts the inventory data on the machine hosting the beacon and helps prevent inventory files from being viewed or modified by malicious actors.
This requires a setting to be enabled, which at present needs to be done on the customer's behalf by Flexera. Contact Flexera Support to enable this setting.
Another requirement is that ALL agents AND ALL beacons in the customer's environment must be upgraded to at least version 21.0.
Fix for the issue of fnms-docker-monitor crashing after accessing containers
Previously, activation of Docker/Container may have resulted in the fnms-docker-monitor crashing after accessing containers with read-only filesystems with no mkdir in the container, or the container was based off a scratch image. This release resolves this issue.
Vulnerabilities addressed in the Kubernetes agent and Docker monitor
The Flexera Kubernetes inventory agent and Docker monitor, k8s.io/kubernetes component and golang.org/x/crypto component have been updated to prevent security vulnerabilities.
The FlexNet Inventory Agent updated to use the latest suitable version of dmidecode to address security vulnerability
The FlexNet inventory agent has been upgraded to use verion 3.5 of dmidecode. Versions prior to 3.5 are exposed to a potential security issue.
Fix for the issue of inventory collected from Hyper-V scans not including the cluster name
Previously, there was an issue where inventory collected from Hyper-V scans did not include the cluster name. This release resolves this issue.
Agent systemd .service file permissions update
Permissions on Linux agent systemd .service files have been adjusted.
Fix for the issue of imgtrack failing to run
Previously, there was an issue where the imgtrack failed to run when it was ran with the --from-ndtrack or --local-ndtrack command line arguments using an ndtrack.sh file where binary content does not start on line 300. This release resolves this issue.
Fix for Java evidence being collected with an incorrect publisher
Previously, there was an issue where Java evidence was collected with an incorrect publisher. This resulted in an evidence recognition error and reporting discrepancies. This release resolves this issue.
The FlexNet Inventory Agent has been extended to automatically switch to HTML mode when EBS queries fail
The FlexNet Inventory Agent has been extended to automatically switch to HTML mode when EBS queries fail in XML mode due to the returned data and for MOUNTED database scanning when the relevant XML procedure does not exist.
FlexNet Inventory Agent Release 21.0.0
The Flexera Inventory Agent November 2023 release is the last release to support the HP-UX agent
The Flexera Inventory Agent November 2023 release is the last release to support the HP-UX agent. This follows an announcement made by Hewlett Packard Enterprise (HPE) stating support for "HP-UX Itanium" will stop by the end of 2025. During the transition period from HP-UX Itanium to other platforms/architectures, customers can continue to use the Flexera Inventory Agent version 2023 R2 (21.0.0) or earlier versions for HP-UX Itanium.
Support for Windows on ARM Devices
From this release, the FlexNet inventory agent supports inventory collection from Windows on ARM devices.
Ability To Collect Resource IDs From Microsoft Azure Instances
From this release, the FlexNet inventory agent and Microsoft Azure adapter can collect Resource IDs from Microsoft Azure instances. This is beneficial for cloud cost management system customers, as the Resource ID is a key data element used to uniquely identify Microsoft Azure instances for billing, costing, and cost allocations.
Enhanced Lightweight Kubernetes Agent Static Image Scanning Tool for Scanning Podman Containers
Previously, the lightweight Kubernetes agent static image scanning tool would not work on images that had been created by Podman. In this release, this tool has been enhanced and can be used to scan Podman containers.
Folder Permission Changed for CommonAppDataFolder
From this release, the CommonAppDataFolder folder in the Windows agent (typically located in C:\ProgramData\ManageSoft Corp) is only readable by administrators.
Fix for the Issue of Files Not Being Cleaned Up Automatically After Container Scanning
Previously, there was an issue where temporary files and directories were not cleaned up automatically after container scanning. This release resolves this issue.
Fix for the Issue of Incorrect Core and Processor Counts on Citrix Hypervisor Servers
Previously, there was an issue where the core and processor counts on Citrix Hypervisor servers might not be reported correctly. This release resolves this issue.
Fix for the Issue of Scanning Excluded Directories and Mount Points
Previously, there was an issue where the FlexNet inventory agent might scan excluded directories and mount points if it followed symbolic links that had been resolved to point to a directory that should be excluded, which could cause performance problems such as high CPU usage and long scanning time. This release resolves this issue.
Vulnerability Addressed in the Kubernetes Agent and Docker Monitor
The Kubernetes agent and Docker monitor have been updated to prevent a security vulnerability (Common Vulnerabilities and Exposures ID CVE-2023-39325).
FlexNet Inventory Agent Release 20.5.0
Fix for the Issue With File Evidence Reporting for java.exe on Windows
Previously, there was an issue with file evidence reporting for java.exe executables on Windows, where the file evidence of a java.exe file would not be reported if the file was not digitally signed or if the PerformOracleJavaAuditScan preference was not enabled. This release resolves this issue.
Fix for the Issue With the Reported Version of Expat
Previously, there was an issue where the reported version of the Expat class library being used was incorrect in some cases. This release resolves this issue.
Bundled Software Version Updated
OpenSSL has been upgraded to release 3.0.11 in this release of the FlexNet inventory agent. This update also resolves a security vulnerability (Common Vulnerabilities and Exposures ID CVE-2023-4807).
FlexNet Inventory Agent Release 20.4.0
Fix for the Issue With Automatic Upgrading From Version 18.4.0 or Later to 20.1.0 or Later on Windows
Previously, there was an issue on Windows where the automatic upgrading of the FlexNet inventory agent from version 18.4.0 or later to version 20.1.0 or later might fail due to the removal of the vdiendpointagent feature in the Feature table. This release resolves this issue.
Fix for the Issue With config.ini on Unix-Like Operating Systems
Previously, on Unix-like operating systems, there was an issue where the config.ini file could occasionally get corrupted or lost when the filesystem ran out of space. This release resolves this issue.
Fix for the Issue With Oracle Inventory on Windows
Previously, the FlexNet inventory agent might not return any Oracle inventory on Windows if the %TEMP% environment variable was resolved to a path containing spaces. This release resolves this issue.
Bundled Software Version Updated
OpenSSL has been upgraded to release 3.0.10 in this release of the FlexNet inventory agent.
Vulnerabilities Addressed in the Kubernetes Agent
Several vulnerable components used in the Kubernetes agent have been updated to prevent potential security issues.
FlexNet Inventory Agent Release 20.3.0
New Support for Instance Metadata Service Version 2 in AWS
Previously, the FlexNet inventory agent only supported Instance Metadata Service Version 1 (IMDSv1). From this release, the FlexNet inventory agent also supports Instance Metadata Service Version 2 (IMDSv2), which is more secure than IMDSv1.
Minimum Required Version of the glibc Library Changed From 2.34 to 2.17
Previously, the Linux ARM agent required the Linux operating system to have glibc version 2.34 at a minimum and did not support earlier Linux distributions. From this release, the Linux ARM agent also supports Linux distributions with glibc versions earlier than 2.34, with version 2.17 at a minimum.
Enhanced Performance of the Oracle Fusion Middleware Scanning
The Oracle Fusion Middleware scanning logic has been updated for enhanced performance.
Vulnerabilities Addressed in the Kubernetes Agent
Several vulnerable components used in the Kubernetes agent have been updated to prevent potential security issues.
New Support for Gathering Inventory From Linux Running on ARM64/AArch64
Previously, customers could not use the FlexNet inventory agent on Linux operating systems running on processors of the ARM64 architecture (also known as the AArch64 architecture), such as Amazon Graviton processors. From this release, the FlexNet inventory agent supports gathering inventory from Linux running on the ARM64/Aarch64 architecture.
Enhanced Support for macOS
Previously, for the FlexNet inventory agent to run on macOS on Apple M-series processors, Rosetta 2 must be installed and running. From this release, Rosetta 2 is no longer required.
Additionally, macOS versions 10.9: 10.15.3 are no longer supported. The minimum supported version is now 10.15.4.
Bundled Software Versions Updated
The following pieces of non-commercial software that are bundled with the FlexNet inventory agent have been updated in this release:
-
OpenSSLhas been upgraded to release 3.0.9. -
The
libxml2utility, used for parsing XML documents, has been upgraded to release 2.11.4.
Fix for the Issue With Daemon Processes
Previously, on some Linux systems, some daemon processes of the FlexNet inventory agent might not successfully start following a system restart. This release resolves this issue.
Updates to the Usage Agent on Windows
The Usage agent on Windows has been updated for unified and more robust application usage tracking.
-
The default upload interval has been changed from every 24 hours to every 8 hours.
-
Usage data is now stored while the Windows system is shut down and gets uploaded when the system starts again.
noteThe usage service only saves data when systems are restarted and when systems are powered off to the power state S5 or G3, but not when systems are put into sleep, hibernation, or other power states. (For details about power states, refer to the Microsoft topic System power states). In particular, those systems that are configured to use the "fast startup" behavior do not move to the S5 or G3 power state when powered off but instead are put into a hibernation state S4. This means the system is not shut down, and the Usage agent, along with all other services, will continue when the machine is powered back up and resumed from hibernation. In this case, the Usage agent will continue to upload on the time period defined by the
UploadPeriodsetting. -
Previously, usage data for an application was only reported when the application was closed; from this release, usage data is also reported when the application is running.
-
The
vdiendpointservice has been removed.
Fix for the Issue With Application Closure
Previously, an issue in the Usage agent might cause closure problems in some applications. This release resolves this issue.
Bundled Software Version Updated
The libxml2 utility, used for parsing XML documents, has been upgraded to release 2.11.3.
Vulnerabilities Addressed in the Docker Monitor
The distribution library used by the Docker monitor has been updated to prevent potential security issues.
FlexNet Inventory Agent Release 20.0.0
Ability to Collect Bundle Installation Evidence From All Locations on Mac Devices
Previously, the FlexNet inventory agent installed on Mac devices only collected bundle installation evidence from the standard /System and /Applications directories, which might lead to incomplete data collection if the bundles were installed at custom locations other than the standard directories.
From this release, FlexNet inventory agent collects bundle installation evidence from all locations on Mac devices.
Oracle Reverification for Database and Middleware
The FlexNet inventory agent has been updated to collect additional data required for Oracle database and Fusion Middleware compliance.
Vulnerabilities Addressed in the Kubernetes Agent and Docker Monitor
Several vulnerable components used in the Kubernetes agent and Docker monitor have been updated to prevent potential security issues.
FlexNet Inventory Agent Release 19.4.0
Bundled Software Version Updated
OpenSSL has been upgraded to version 3.0.8 in this release of FlexNet inventory agent.
Fix for a Performance Issue During Inventory Collection on Windows
Previously, in some enterprise networks, it might take a significant amount of time to gather details of the last logged-on user during inventory collection on Windows. This release resolves this issue.
Fix for the Issue of Failed Installation on Red Hat Enterprise Linux 9
Previously, the agent installation might fail on Red Hat Enterprise Linux 9 if the chkconfig package had not been installed. This release resolves this issue.
Least Privilege Operation Mode on UNIX Platforms
Previously, when the FlexNet inventory agent was installed on a UNIX-like system, the entire agent had to run as root and requires full root access. This could cause traceability issues or security issues to some users.
From this release, you can choose to install the FlexNet inventory agent into either of the following two operation modes:
-
Default operation mode: The installed agent will run as the root user and requires full root access.
-
Least privilege operation mode: The installed agent will run as the
flxrasvcstandard user.
This feature is only available for the third-party deployment but not for the adoption case.
For more details, see Agent Third-Party Deployment: Configuring the Operation Mode on UNIX in Gathering FlexNet Inventory available at https://docs.flexera.com/.
Version Updated for the runc Command Line Tool
The version of the runc command line tool has been upgraded to v1.1.5 in order to address a known security vulnerability (Common Vulnerabilities and Exposures (CVE) ID CVE-2023-27561).
Vulnerabilities Addressed in the Kubernetes Agent and Docker Monitor
Several vulnerable components used in the Kubernetes agent and Docker monitor have been updated to prevent potential security issues.
FlexNet Inventory Agent Release 19.3.0
Bundled Software Version Updated
OpenSSL has been upgraded to version 1.1.1t in this release of FlexNet inventory agent.
Fix for the Issue of Inventory Gathered From LPAR on PowerPC Not Including the HostID and MachineID Properties
Previously, inventory gathered from LPAR on the PowerPC architecture did not include the HostID and MachineID properties, which caused problems in the sub-capacity licensing. This release resolves this issue.
Vulnerabilities Addressed in the Kubernetes Agent and Docker Monitor
Several vulnerable components used in the Kubernetes agent and Docker monitor have been updated to prevent potential security issues.
FlexNet Inventory Agent Release 19.2.0
Support for Linux on IBM zSystems
Previously, customers using Linux platforms running on the IBM zSystems architecture (also known as "s390x" or "z/Architecture", which is a mainframe architecture developed and supported by IBM) could not use the FlexNet inventory agent but had to rely on the IBM License Metric Tool (ILMT). From this release, the FlexNet inventory agent supports Linux operating systems running on the IBM zSystems architecture that support glibc version 2.17 or newer.
FlexNet Inventory Agent Release 19.1.0
Ability to Recognize JBoss Installations
Previously, there was no visibility on JBoss usage. With this release, the inventory capabilities of the FlexNet inventory agent have been extended to detect the installation of the following Red Hat JBoss and middleware applications:
-
JBoss Enterprise Application Platform
-
JBoss Web Server
-
Decision Manager
-
Fuse
Performance and Quality Issues With ndtrack File Scans Have Been Addressed
Previously, the agent's ndtrack file scanning functionality was prone to poor performance when machines had a significant number of ndtrack files. This release has made performance improvements to this functionality.
Fix for the Issue of Oracle Fusion Middleware (FMW) Inventory Scanning Not Honoring the Agent Preference Setting to Exclude File Paths
Previously, excluded file paths configured in the agent preference settings were not honored when Oracle FMW scanning was enabled. This release resolves the issue. Oracle Fusion Middleware scans now honor any excluded file paths that have been set by the user.
Fix for the Issue of Some Informational Messages Being Incorrectly Logged as Error Messages
Previously, some informational messages during inventory gathering for Oracle products on Windows were recorded in the event log with an incorrect event level of Error, which was misleading for users. This release resolves this issue and the events are correctly logged with the level of Information.
Vulnerabilities in Third Party Components Have Been Addressed��
This release has addressed several vulnerabilities in third party components in the Kubernetes agent and the FlexNet inventory agent.
FlexNet Inventory Agent Release 19.0.0
Fix for the Issue in Gathering Inventory From Oracle Pluggable Databases
Previously, gathering inventory from Oracle pluggable databases (PDB) might fail when the PDB case sensitivity parameter was set to TRUE. This release resolves this issue.
Bundled Software Versions Updated
FlexNet Inventory Agent Release 18.7.0
The following pieces of non-commercial software that are bundled with the FlexNet inventory agent have been updated in this release:
-
The
Expatutility, used for parsing streams of XML data, has been upgraded to release 2.5.0. -
The
libxml2utility, used for parsing XML documents, has been upgraded to release 2.10.3. -
The
zlibutility, used for data compression, has been upgraded to release 1.2.13.
Bundled Software Version Updated
The Expat utility, used for parsing streams of XML data, has been upgraded to release 2.4.9.
FlexNet Inventory Agent Release 18.6.0
Supported Operating Systems Updated
Oracle Linux 9.0 is supported on FlexNet inventory agent now.
HP-UX is only supported for 11i v3 (also known as 11.31) on the Itanium architecture. In other words, other HP-UX versions are no longer supported; HP-UX systems running on the PA-RISC architecture are no longer supported either. This change is due to the compiler libraries upgrade in order to stay on top of security vulnerabilities.
FlexNet inventory agent versions prior to this release will still function on these operating system versions.
Automatic upgrade of FlexNet inventory agent to this release or later releases on any of these operating system versions are disabled. During the automatic upgrade process on some of these operating system versions, an error might occur; however, you can just ignore the error because the existing FlexNet inventory agent installed remains untouched and will keep functioning.
Fix for the Issue of High CPU Usage for an Extended Period While Processing RPM Package Information
Previously, ndtrack might cause high CPU usage for an extended period while processing RPM package information. This release resolves this issue.
Fix for the Issue of Missing Evidence From Directories With the Same Name on Different Drives
Previously, if two or more directories on different drives have the same directory name, only one of them would be scanned in file evidence gathering. This release resolves this issue.
Fix for the Issue of False Error Messages Upon Oracle Inventory Gathering Status
Previously, a false error message might display even when the Oracle inventory gathering had succeeded, which would cost users unnecessary effort in investigation. This release resolves this issue.
FlexNet Inventory Agent Release 18.4.0
Enhancement to Detect the Edition of SQL Server Reporting Services System That Is Installed Stand-Alone
Previously, if the SQL Server Reporting Services system was installed stand-alone and separate from the SQL Server Database installation, the edition of this stand-alone installation would not be reported. From this release, the FlexNet inventory agent detects and reports the edition of the SQL Server Reporting Services system that is installed stand-alone.
Using the "mgspolicy : s" Command to Update the Machine Policy
Previously, users were unable to update the machine policy by using the mgspolicy : s command. From this release, you can run the mgspolicy : s command to download the new policy.
Bundled Software Versions Updated
OpenSSL has been upgraded to release 1.1.1q in this version of FlexNet inventory agent.
Fix for the Issue of Windows Docker Containers Not Appearing in the Web UI
Previously, the Windows agent running a Windows docker container reported unnecessary hardware classes which resulted in Windows Docker containers not appearing in the Web UI. This release resolves this issue.
Fix for the Issue of Unnecessary Data Being Gathered From the Oracle Fusion Middleware Scanning
Previously, the Oracle Fusion Middleware scanning returned unnecessary data. This release resolves this issue. As a result, you might notice a decrease in the size of database log files and the NDI files generated.
FlexNet Inventory Agent Release 18.3.0
Bundled Software Versions Updated
The following pieces of non-commercial software that are bundled with the FlexNet inventory agent have been updated in this release:
-
OpenSSLhas been upgraded to release 1.1.1o in this version of FlexNet inventory agent. -
The
libxml2utility, used for parsing XML documents, has been upgraded to release 2.9.14. -
The
libxsltutility, used for processing XSLT-1.0 style sheets, has been upgraded to release 1.1.35. -
The
zlibutility, used for data compression, has been upgraded to release 1.2.12.
Computer Domain Reported by Default From Unix-Like Operating Systems Now Reflects What Has Been Identified in the Output of the "Hostname" or "Domainname" Commands
In the previous releases, the computer domain reported by FlexNet inventory agent from UNIX-like operating systems is blank by default, while the domain name reported by the inventory scanner by default is based on the output of the hostname or domainname commands.
From this release, the computer domain reported by FlexNet inventory agent is also based on what has been identified in the output of the hostname or domainname commands.
Supported Operating Systems Updated
The following operating system versions have been added to the list of supported operating systems on FlexNet inventory agent:
-
Debian Linux 11.3 (x86, 32-bit and 64-bit)
-
Fedora Linux 36 (x86 64-bit only)
-
Oracle Linux 8.6 (x86 64-bit only)
-
Red Hat Enterprise Linux (RHEL) 9.0 (x86 64-bit only).
The following operating system versions are no longer supported on FlexNet inventory agent because the compiler libraries have been upgraded to newer versions to stay on top of security vulnerabilities.
FlexNet inventory agent versions prior to this release will still function on these operating system versions.
Automatic upgrade of FlexNet inventory agent to this release or later releases on any of these operating system versions are disabled. During the automatic upgrade process on some of these operating system versions, an error might occur; however, you can just ignore the error because the existing FlexNet inventory agent installed remains untouched and will keep functioning.
-
Debian 7
-
Fedora Linux 25 (x86, 32-bit and 64-bit)
-
macOS 10.6, macOS 10.7 and macOS 10.8
-
Oracle Linux 4.
xand 5.x -
Red Hat Enterprise Linux 5 (x86 32-bit and 64-bit)
-
Red Hat Linux 8: 9
-
Solaris (SPARC) 8 and Solaris (SPARC) 9
-
Solaris (x86) 8 and Solaris (x86) 9
-
SuSE Linux Enterprise Server 11 (x86, 32-bit and 64-bit)
-
Ubuntu 12 and 13
-
Windows Server 2003 SP1 and SP2.
FlexNet Inventory Agent Release 18.2.0
Fixed Unnecessary Hardware Inventory Uploads for IBM PVU in High-Frequency Mode
New inventory NDI files are no longer generated by high-frequency IBM PVU inventory scans for changes in processor clock speed details. In other words, changes in the following attribute of a hardware device will not trigger the upload of an inventory file:
MGS_Processor.CurrentClockSpeed.MaxClockSpeed
As a result, you might notice a decrease in the number of hardware inventory uploads for IBM PVU.
For more information, see HardwareChangesClassPropertyBlacklist in Gathering FlexNet Inventory.
FlexNet Inventory Agent Release 18.1.0
Bundled Software Versions Updated
The following pieces of non-commercial software that are bundled with the FlexNet inventory agent have been updated in this release:
-
OpenSSL has been upgraded to release 1.1.1n in this version of FlexNet inventory agent.
-
The Expat utility, used for parsing streams of XML data, has been upgraded to release 2.4.8.
FlexNet Inventory Agent Release 18.0.0
Improved Error Message Logging for the Usage Coordinator
In the previous releases, error messages about the usage coordinator were regularly generated into the usage agent log (usageagent.log). From this release, these messages are generated in the trace log instead as diagnostic logging. This change could significantly reduce the size of the usageagent.log file.
FlexNet Inventory Agent Release 17.4.0
Improved Collection of Last Logged On User for Windows and Mac Devices
When the FlexNet inventory agent is collecting inventory, it tries to collect the name of the user currently logged on to the device being inventoried. When this is not possible, previously the inventory returned no user details; but with this change, the agent now tries to collect details of the last logged on user:
- For Windows devices, this is only possible when the device is a member of a domain and has access to the domain controller (the information is collected as WMI evidence through the Win32_NetworkLoginProfile class)
The functionality is not available on early versions of Windows, prior to Windows Vista or Windows Server 2008.
- On devices running macOS, where the operating system records logged on users, the most recent such record is chosen.
There is no change for FlexNet inventory agent running on other UNIX-like devices; and if the last logged on user cannot be retrieved on Windows and macOS, the old behavior continues, and no user information is returned.
Support for Gathering Inventory From POWER Linux Platforms
The FlexNet inventory agent collects inventory from a wide range of Linux platforms (for which see the System Requirements), but until now, those distributions have been supported only when running on Intel 32-bit or 64-bit architectures. With this release, the FlexNet inventory agent also supports a range of little-endian Linux distributions running on POWER8 (and later) processors that support glibc version 2.17 or later:
-
CentOS 7.4 and later
-
Debian 8 and later
-
Fedora 21 and later
-
Red Hat Enterprise Linux (RHEL) 7.4 and later
-
SuSE 12 and later
-
Ubuntu 14.04 and later.
POWER processor support is restricted to little-endian builds (ppc64le) only, and FlexNet inventory agent does not run on any distribution that is big-endian (ppc64). Any distributions that do not have a ppc64le build (such as Amazon Linux, Oracle Linux, and Photon OS) are not supported on POWER processors, although of course existing support on Intel architectures continues unchanged.
Fixed Issues of False Hardware Inventory Uploads for IBM PVU
New inventory NDI files are no longer generated by IBM PVU inventory scans for changes in inventory agent schedule settings or for changes in the following attributes of a hardware device:
-
Win32_NetworkAdapter
-
Win32_NetworkAdapterConfiguration
-
MGS_NetworkAdapterConfiguration
As a result, you might notice a decrease in the number of hardware inventory uploads for IBM PVU.
For more information, see HardwareChangesClassPropertyBlacklist in Gathering FlexNet Inventory.
Bundled Software Versions Updated
Several pieces of non-commercial software that are bundled with the FlexNet inventory agent have been updated at this release:
-
OpenSSL has been upgraded to release 1.1.1m in this version of FlexNet inventory agent
-
The dmidecode utility, used to help parse BIOS information, has been upgraded to release 3.3
-
The expat utility, used for parsing streams of XML data, has been upgraded to release 2.4.4
-
The libxml2 utility, also used for parsing XML documents, has been upgraded to release 2.9.12
-
The libxslt utility for processing XSLT-1.0 style sheets has been upgraded to release 1.1.34.
FlexNet Inventory Agent Release 17.3.0
Disable All Uploads From FlexNet Inventory Agent
A new preference setting saved in the registry on an inventory device allows you to turn off all uploads from the various components of the FlexNet inventory agent (such as the tracker and the uploader) when the FlexNet inventory agent is locally installed on an inventory device. This may be helpful if you are investigating possible security issues in your network, for example. At present, the setting is only available by modifying the registry of the target Windows inventory device, or updating the config.ini file that functions as a pseudo-registry on UNIX-like platforms. Because the setting is also available in the command lines for the components of the FlexNet inventory agent, you can run tests such as collecting inventory without uploading the result, instead holding the inventory file for examination.
The preference impacts all components of the FlexNet inventory agent, but has no effect on uploads from the Flexera Kubernetes inventory agent or the lightweight Kubernetes agent.
For more information, see DisableAllAgentUploads in the Gathering FlexNet Inventory reference.
FlexNet Inventory Agent Release 17.2.0
Support for Mutual TLS Security With HTTPS for UNIX-like Devices
If you choose to use mutual TLS (where both sides of HTTPS communications use certificates for authentication), it tends to be a blanket decision affecting (minimally) a bounded segment of your corporate network, because a correctly-configured inventory beacon normally requires a client certificate from every inventory device that contacts it. While inventory devices running Windows already support mutual TLS, this release adds mutual TLS support for UNIX-like inventory devices. For more information, including links to updated documentation about configuration, see the Support for Mutual TLS on UNIX-Like Devices topic in the Flexera One Features by Release.
Oracle Fusion Middleware Configuration Improvement
The collection of specialized inventory for Oracle Fusion Middleware, announced in Support for Oracle Fusion Middleware Data Collection, has been refined. At first release, this functionality relied on the IncludeDirectory preference being set to / on UNIX-like systems; but experience shows that this can return excessive amounts of file evidence, much of which is unrelated to Oracle Fusion Middleware. From this release, IncludeDirectory reverts solely to its original purpose of specifying folders for collecting file evidence for either application recognition or usage tracking. When collection of inventory for Oracle Fusion Middleware is authorized (by the controls described in the announcement in the Adding Oracle Fusion Middleware to GLAS evidence archive topic in the in Flexera One Features by Release), the FlexNet inventory agent automatically scans the entire file system (as required by Oracle), independent of the setting in IncludeDirectory: almost. The system-wide scan knows which folders (in IncludeDirectory) have already been scanned, and where Oracle Fusion Middleware evidence has already been collected during the regular inventory scan of the target device; and no folder is scanned a second time, again optimizing performance and uploads.
FlexNet Inventory Agent Release 17.0.1
Docker Inventory Files Automatically Cleaned Up
The Docker monitor within the FlexNet inventory agent saves one .ndi file in the``/var/opt/managesoft/tracker/inventoriesfolder on the Docker host for each container image. To prevent too many of these files accumulating over time, the Docker monitor each day deletes any of these saved .ndi files that are over 7 days old. (As always, archived copies for upload are saved in /var/opt/managesoft/uploads/inventories, and these are deleted after a successful upload to the parent of this inventory beacon. A build-up of files in the uploads path indicates a problem with uploads.)
Fixes
-
Usage tracking now works even for components in the Windows Installer package that are not identified as key components
-
Paths recorded in Oracle comps.xml and inventory.xml are now validated to be current before they are reported in inventory
-
Settings in ExcludeDirectory and ExcludeEmbedDirectories preferences are now honored, even if paths are included in Oracle comps.xml files
-
CAL access files (.swacc) can now include multi-byte characters, and are processed appropriately
-
Very long paths for ExcludeEmbedDirectories now work correctly.
Inventory on Unix-Like Platforms Now Includes Java Build Version
Some builds of Java are licensable, and some are free. The only way to tell which is which is to examine the build number. Until now, the FlexNet inventory agent on UNIX-like platforms has returned the Java version number (such as 1.7.0_55), without the trailing build number, shown in this example as b13:
1.7.0_55-b13
Inventory gathering for Java on UNIX-like platforms has now been enhanced to include the build number in the version number, returned as always within the uploaded .ndi file. This enhancement does not currently affect recognition through the Application Recognition Library, since this uses wild cards while interpreting versions.
On Windows platforms, the FlexNet inventory agent already returns the build number for Java, so that this enhancement for UNIX-like platforms brings cross-platform parity.
Repaired Usage Time for Windows Devices Suspended Over Weekends
Previously, if a Windows device was in a suspended state at 12am on Monday mornings, the report of weekly usage times could not be generated and uploaded, with the result that the previous figures rolled forward into the next reporting period and usage appeared to grow continually. This has now been repaired, and (when usage tracking is enabled) FlexNet inventory agent now triggers the weekly report as soon as the suspended device resumes normal operations. This is particularly valuable for enterprises wanting to use usage as a way to control internal cross-charging for computer use.
Inventory Gathering on Rhel 5.11 Repaired
A fix is included for a previous problem on Red Hat Enterprise Linux (an old release, 5.11), where the FlexNet inventory agent would hang if the /var/run/xenstore.pid file could not be found, thereby blocking further inventory gathering on the device. The FlexNet inventory agent now checks for the presence of the file, and if it missing, creates an entry in the mgstrace.log file:
(Inventory/Tracker/Hardware/Hypervisor): xenstore pid file "/var/run/xenstore.pid" does not exist, will not try to read "/sys/hypervisor/uuid" as it may hang.
The FlexNet inventory agent then moves on to the next inventory task.
Aix 7.1 Inventory Now Skips Missing Custom Installations
On AIX 7.1, Licensed Program Products (LPP) are saved in a directory in backup file format. You may specify a custom installation location for an application in User-Specified Installation Location (USIL). If, for some reason, your USIL is 'orphaned' (missing), the FlexNet inventory agent would previously fail and block further inventory gathering for LPPs. This has now been repaired so that the FlexNet inventory agent skips problem packages and continues to take inventory of valid packages, uploading the results in the .ndi file as usual. The problem packages are logged in the mgstrace.log file.
Gathering Oracle Inventory on Unix-Like Platforms Improved
Handling of memory lock limits for running Oracle scripts has been improved, overcoming errors in running the Oracle Database inventory scripts. The new process is:
- Before running the Oracle script, the FlexNet inventory agent saves its current memory lock limit, if present.
- It then sets the memory lock limit to unlimited, as required for the Oracle scripts, and runs the script.
- When the Oracle script is completed, FlexNet inventory agent restores its previous memory lock limit, and continues operation.
This process means that the FlexNet inventory agent runs with the elevated memory lock limit for the shortest possible time, and only when running the Oracle scripts.
This behavior is now on by default. Although changing the behavior is not recommended, for special needs you can disable it with a new command-line option for ndtrack:
-o UseOracleMemLockLimit=false
Restore it with the same option set to true. To restate, for reliable normal operation, do not disable this improved behavior.
Supports Inventory of Toad for Oracle
FlexNet inventory agent now collects evidence for installations of Toad for Oracle on Windows-based Oracle servers. Two new evidence types are created for upload, and the upload includes edition information collected from SettingsLocations.ini in the Toad installation.
By default, this new functionality is always on. For special reasons, if you need to suppress this behavior, you can add a new switch to the command line for ndtrack:
-o PerformToadForOracleInventory=false
However, the default behavior may be safely left enabled, since it does not create significant load on devices where Toad is not installed.
For more information, see the Toad for Oracle Inventory topic in the Flexera One Features by Release.
Improved Support for Network Adapters on Unix-Like Platforms
The FlexNet inventory agent now collects all IPv4 addresses and subnet masks registered on a network adapter with multiple addresses on a UNIX-like device. Previously, on UNIX-like devices the FlexNet inventory agent returned only the last value from the ifconfig -a command; but this behavior is now changed so that, as it has always done on Windows devices, the FlexNet inventory agent on UNIX-like devices returns all IPv4 addresses from a multiple-address network adapter. These addresses are displayed in inventory listings and inventory properties as a comma-separated list (up to 256 characters).
IP addresses in the IPv6 address family are not reported in FlexNet inventory for devices running UNIX-like operating systems.
Support for Oracle Fusion Middleware Data Collection
The FlexNet inventory agent, whether locally installed on the relevant Oracle server or using zero footprint inventory collection from an appropriate inventory beacon, now supports collection of audit-ready data for products in the Oracle Fusion Middleware collection. See the Adding Oracle Fusion Middleware to GLAS Evidence Archive topic in the Flexera One Features by Release for further details, including relevant controls.
Improved Usage Tracking Resolution
An issue that caused usage tracking records to merge as if they applied to a single device has been corrected. (There is no workaround available for earlier versions of FlexNet inventory agent, and the fix requires upgrading to this release.)
Improved Inventory of Ibm Db2 and Add-Ons
The FlexNet inventory agent now uses the db2licm command to improve inventory recognition of IBM Db2 database and its available add-ons. This command is a standard part of the IBM Db2 installation, and requires no special configuration. There is a 120-second timeout if the FlexNet inventory agent does not receive a response from the command, with the duration configurable in the registry, so that a failure in this command does not block all inventory gathering. If, for some unusual reason, you do not want the added accuracy in reporting inventory for IBM Db2 and its add-ons, you can turn off this functionality with a registry key.
Flexnet Inventory Agent Excludes the Scanning of Docker Image Folders on Linux Machines Running Docker Containers
To prevent processing excessive file inventory evidence, the FlexNet inventory agent now does not scan Docker image folders on Linux machines, where possible containers are defined and saved. However, inventory from running Docker containers is still gathered directly by the FlexNet inventory agent, from both Linux servers and Windows Docket hosts, and returned as installer evidence in its own .ndi file.
Flexnet Inventory Agent Generates a Unique Agent ID for Windows Devices
For physical machines, the AgentID is generated based on the hostname and BIOS SerialNumber property. In certain circumstances on Windows devices, the serial number may be invalid, non-unique, or missing. If two or more devices shared the same device name and the serial number falls under this scenario, duplicate AgentIDs resulted. Now, the FlexNet inventory agent generates a unique agent ID for Windows devices with the same name even when serial number is unusable.
Fixes for Issues Related to Adoption of Certain Unix Agents
Previously, adoption of Linux RPM-based and AIX devices could use the wrong path for the agent application data folder, or fail to adopt the device successfully. This update resolves this behavior and adoption installs the agent correctly.
Fixes to Update the Flexnet Inventory Agent Policy Information on Some Windows 2008 and Windows 2012 Servers
Agent modules that failed to start a required process have been updated with a retry that will use an additional Windows API flag that allows the process to start. The following modules require this update:
-
The policy client (
mgspolicy.exe) that needs to start the launcher (ndlaunch.exe) -
The launcher (
ndlaunch.exe) that needs to start the schedule Agent (ndschedag.exe) -
The schedule Agent (
ndschedag.exe) that needs to start the policy client (mgspolicy.exe) or the launcher (ndlaunch.exe) or the inventory agent (ndtrack.exe)
macOS FlexNet Inventory Agent Now Collects User Information Including Domain for the Currently Logged-In User
On macOS, the FlexNet inventory agent now collects information for the currently logged-in user including their domain. This is required with Mac software licensing when using Named User licenses. However, note that macOS does not track the last logged-in user, so that if no one is logged in when FlexNet inventory agent runs, macOS returns system. Therefore, if you want the user name to appear in inventory, carefully review your inventory collection schedules for alignment with user working hours; or instead, use allocations of license entitlements to the users in question. Relying on inventory from macOS may mean that the user name record bounces between the real user name and system, depending on whether the user was logged in at each day's inventory time.
macOS Flexnet Inventory Agent Now Collects Inventory From Big Sur
The Inventory Agent support for macOS now extends to the latest version, Big Sur, with the same inventory-gathering functionality as available on earlier releases of macOS.
In fact, tests indicate that FlexNet inventory agent version 14.0.0 and later all collect inventory from macOS Big Sur when running on the Intel architecture. With the forthcoming release of Apple's new Arm chipset in macOS devices, a minimum of version 16.0.1 of FlexNet inventory agent will be required: there are no plans to port older versions of FlexNet inventory agent to the Arm platform.
New Timeout When Gathering Oracle Inventory on Unix-Like Platforms
A timeout for inventory collection from Oracle Database and associated options running on UNIX-like platforms now prevents a hung command from stopping the entire inventory-gathering process. For example, on some devices, certain commands might trigger a credentials challenge. Since FlexNet inventory agent does not provide passwords on demand, this previously blocked all further action. Now the timeout means that the FlexNet inventory agent can 'step back' from a blocking action, allow that single inventory command to fail, and then continue on with the rest of its process.
The timeout:
-
Is available with the upgrade of FlexNet inventory agent to version 15.2.0 (or later)
-
Works for both locally-installed FlexNet inventory agent and the Zero-footprint method of remote inventory collection
-
Defaults to 10 seconds, with no set-up or configuration required
-
Can be configured to any value from 1 to 60 seconds, either as a command-line option, or as a setting in the
config.inifile that functions as a pseudo-registry on UNIX-like platforms.
The preference name is OracleEnvironmentCmdTimeoutSeconds, and full details are available in the OracleEnvironmentCmdTimeoutSeconds topic in the Gathering FlexNet Inventory reference.
Handles More Than 8 CPUs on Windows 2003 Servers
The ndtrack executable now successfully gathers WMI inventory on servers running Windows 2003 Enterprise x64 SP2 and having more than 8 CPUs.
FlexNet Inventory Agent Successfully Inventories Linux Servers With Docker Installed
The FlexNet inventory agent now correctly filters Docker container data.
Local Oracle Inventory Now Succeeds When Tnsnames.ora Is Missing on Windows Machines
The Windows FlexNet inventory agent no longer requires tnsnames.ora on Windows computers when running local inventory.
Oracle Database In-Memory Option Is Now Reported
The version check logic for the query execution for Database In-Memory usage is now fixed, allowing Oracle Database In-Memory to successfully execute in-memory scans, joins, and aggregation. This changed is pushed down through a content update.
Timeout When Oracle User Login Script Hangs During Oracle Database Inventory Gathering
The FlexNet inventory agent attempts to call an Oracle executable with the current level of access. If the executable prompts for a password, the FlexNet inventory agent previously would hang. A timeout has been added that results in this scenario no longer hanging the FlexNet inventory agent.
Recognition of the Oracle Real Application Clusters (RAC) One Node Option
Recognition of Oracle Real Application Clusters (RAC) One Node option supporting versions 11g, 12c, 18c, and 19c.
Ensure that the Rule for InventorySettings.xml in the Inventory extensions version section in the Inventory Settings page is set to version 52 or later.
Enables Usage Tracking Based on Add/Remove Programs Evidence When "Enable Usage Tracking" Setting Is Selected
FlexNet inventory agent for Microsoft Windows platforms supports gathering evidence from Add/Remove Programs to help in tracking software usage.
Collect Inventory for Docker Containers, Images and Hosts
The FlexNet inventory agent will now detect Docker images and containers when installed on your 64 bit Linux host. Application inventory is collected on running containers. This is achieved using Zero-footprint inventory collection.
-
Image and container discovery
-
Event based container scanning identifies the status of each container
-
Performs a one-time Zero-footprint inventory of applications on running containers
-
Collects image ID, repository tags and repository digest information.
Once an inventory for an image has been successfully collected, the FlexNet inventory agent will not inject the tracker into any subsequent containers based on that image. The image is identified by its ID, rather than its tag, so updating a particular image will result in the agent injecting the tracker into containers launched from the updated image.
To enable this feature, you can do either of the following:
-
Enable the setting globally using the Enable detection of Docker and running inventory agent inside Docker containers in the Inventory Settings page.
-
Create or set the PerformDockerInventoryScan Tracker setting to the value True in the mgspolicy command line.
noteThe agent component also requires the Docker service to be available on the local host through the default Docker socket. The agent component will not continue to run if it cannot connect the Docker service.
Add Identification for Oracle VM VirtualBox
The FlexNet inventory agent will now detect and scan a VirtualBox instance on a computer. This functionality permits identification of the Oracle VM VirtualBox Extension Pack.
Meter 64-bit Applications for Usage Tracking
The FlexNet inventory agent will now correctly meter executables under installation directories identified in Windows 64-bit Add/Remove Programs registry settings.
Remove Possibility of Usage Tracking Linking the Executable to the Wrong Application
This update removes the possibility for an executable to map to the wrong application for usage metering on Windows devices. This could occur when multiple applications share the same installation directory, and the UseAddRemove preference is set to "true." For more information on this setting, refer to UseAddRemove to the Gathering FlexNet Inventory guide.
Recognition of Adobe Acrobat 2017 Editions
Added the ability to identify Adobe Acrobat 2017 Standard, Pro, and Trial editions.
Compatibility With Photon OS
Confirmation of FlexNet inventory agent compatibility with Photon OS 3.0.
Support for macOS 10.15
FlexNet inventory agent 14.0.0 introduces support for macOS 10.15 (Catalina):
-
Installation: The installation package supports both:
-
64-bit systems, to install FlexNet inventory agent on macOS 10.15 and later devices
-
32-bit systems, so that you can install this FlexNet inventory agent on devices running older 32-bit versions of macOS.
-
-
Upgrade warning: If previous releases of FlexNet inventory agent are already installed on Apple inventory devices currently running earlier versions of macOS, these installations need to be upgraded to FlexNet inventory agent version 14.0.0 or later before the OS is upgraded to macOS 10.15. If the OS is upgraded without first upgrading the installed FlexNet inventory agents, the existing 32-bit FlexNet inventory agent will no longer be able to run on the upgraded inventory device. As a result, in this scenario it will be impossible for device policy to upgrade the FlexNet inventory agent. Recovering from such a case will require manually upgrading the FlexNet inventory agent to version 14.0.0 or later. However, if you upgrade FlexNet inventory agent first to 14.0.0 or later, and subsequently upgrade the macOS version to 10.15, the 64-bit support in this latest FlexNet inventory agent means that the system continues to operate as usual after the upgrades.
Support for Inventory of Linux KVM Virtualization
A locally-installed FlexNet inventory agent 14.0.0 collects inventory from virtual machines (and hosts, although here you may prefer zero footprint inventory collection by an inventory beacon version 14.0.0 or later) on Linux virtual hosts using Kernel-based Virtual Machine (KVM) infrastructure. To ensure that inventory is imported from every guest VM on the host, the inventory from the host must be gathered by an FlexNet inventory agent 14.0.0 (or later) running as root, or the inventory beacon running zero footprint inventory collection as root. If, for some reason, you choose to execute FlexNet inventory agent as some other, non-root account, only those guest VMs to which that account has access are included in inventory.
FlexNet Inventory Agent Unique Identifier
The FlexNet inventory agent now creates a unique identifier on a device when it executes for the first time. This unique identifier, called the AgentID, is used when resolving the inventory data from a device to determine which computer record matches the inventory (earlier versions relied on the domain name and computer name, which are still the fallback used if the AgentID is missing). With the AgentID, multiple devices with same domain name and computer name can now be distinguished from one another, so that separate computer records are created in the inventory database. This feature works for any deployment of the ndtrack executable, including the locally installed FlexNet inventory agent, zero footprint inventory collection managed by an inventory beacon, or the lightweight FlexNet Inventory Scanner.
Java Inventory Also on Unix-Like Platforms
Collection of additional inventory for Java, already supported on Microsoft Windows, is now added for all supported UNIX-like platforms. In the file /var/opt/managesoft/etc/config.ini, the includedirectory preference must be correctly set to allow scanning of the folder where Java is installed: this is set automatically when the installer for FlexNet inventory agent is run; but if you are using third-party deployment, you may need to manage this separately. And as always, with the FlexNet Inventory Scanner, you must include the appropriate setting in the command line, overriding its default value of not doing any file scanning.
Enhanced Inventory From Microsoft Azure VMs
Although inventory could be collected from VMs on Microsoft Azure since the earlier 2018 R1 (13.0.0) release, those intermediate releases relied on the parallel use of the Microsoft Azure adapter to complete the inventory picture (especially the host/guest relationships). From this release, the FlexNet inventory agent locally installed on the guest instance reports the full set of Microsoft Azure VM data, so that running the separate adapter is no longer mandatory (however, the Microsoft Azure adapter remains useful for identifying inventory gaps, where the FlexNet inventory agent has not been installed on a guest).
Auto-Upgrades of Flexnet Inventory Agent Work in Custom Installation Paths (AIX/Linux)
With previous versions of FlexNet inventory agent on either AIX or Linux operating systems, upgrades (or downgrades) driven by downloaded device policy were available only when the installation was in the default location. From this release, policy-driven upgrades or downgrades are extended to cover installations in custom locations on either AIX or Linux operating systems.
Signing of Linux RPM Packages
Signing of Linux RPM (Red Hat Package Manager) packages gives you an additional layer of security if you are managing your own installation of Linux RPM packages for FlexNet inventory agent. (Only RPM packages are now signed, with DEB packages unchanged.) The public key is available from the Product and License Center as a separate download titled Inventory agent 13-1-0+ Linux RPM installer public key.zip. Your company password for the Flexera Customer Community is required to access this download. The fact that the key must be downloaded from a separate, password-protected source gives you some improvement in security.
FlexNet Inventory Agent Release 13.0.1
Local Inventory From Oracle Pluggable Databases
-
Introduced in Oracle 12c, pluggable databases could previously be inventoried using direct inventory collection managed by an inventory beacon. With this release, this inventory is now also supported using all forms of the FlexNet inventory component locally installed on the Oracle server:
-
The full FlexNet inventory agent, whether deployed by 'adoption' or by third-party tools
-
The lightweight FlexNet Inventory Scanner
-
Zero-footprint inventory gathering, where an inventory beacon temporarily installs the inventory component on the target server, runs it, and removes it again (leaving zero installation footprint).
Requires InventorySettings.xml version 27 or later.
If the container database instance is in standby mode (mounted, but not running), only this instance can be inventoried. When the container instance is running, inventory is gathered from pluggable databases in either read-only or read/write mode.
FlexNet Inventory Agent Release 12.4.0
Gathering Inventory From Standby Oracle Database Instances
The FlexNet inventory agent, locally installed on an Oracle Database server, collects software inventory from any operational Oracle database instances (as well as collecting hardware inventory, as required for certain license types). From this release, it also gathers inventory from Oracle instances that are in standby (that is, instances that are in MOUNT mode but not READ mode). This includes Oracle Data Guard instances that are in standby, awaiting a possible switch into production.
However, Oracle advises that certain inventory queries are impossible on a standby Oracle database instance. Therefore, the inventory data from an Oracle instance that is only ever inventoried while in standby is less complete than the inventory collected from active Oracle database instances. If the same (standby) database instance is subsequently inventoried while in MOUNT mode, the missing inventory values are added to the instance record. Conversely, if an Oracle database instance has been inventoried while active, and is subsequently inventoried while in standby, the additional values are removed for consistency with the latest inventory.
This functionality is also available in the lightweight FlexNet Inventory Scanner, and in zero footprint inventory collection, where an appropriate inventory beacon downloads and runs the inventory core components on a target device.
FlexNet Inventory Agent Release 12.3.0
Support for IPv6 Address Families
Support for the FlexNet inventory agent communicating with an inventory beacon includes the following:
-
Both IPv6 and dual stack (IPv6 and IPv4) networks are supported, in addition to existing IPv4 support.
-
Includes both the full FlexNet inventory agent and the lightweight FlexNet Inventory Scanner.
-
Link-local IPv6 addresses, which are valid and unique only on a single network link, are not supported, since these are contrary to the policy-driven nature of managed devices. However, both global and unique local scopes are supported.
-
The FlexNet inventory agent uses the first IP address returned after a DNS request, by default, regardless of its address family. There is also a preference you can set to favour either IPv6 or IPv4, for those situations where manual configuration is desirable.
-
Files downloaded to all FlexNet inventory agents cannot use the IPv6 address family, since such details may reach legacy versions of FlexNet inventory agent that cannot process the new address format. Examples include the fail-over list of all inventory beacons, or the networkname property in the
C:\Program Files (x86)\Flexera Software\Inventory Beacon\DotNet\conf\BeaconEngine.config filethat configures the web server on the inventory beacon. Instead, use either the hostname or fully-qualified domain name of the inventory beacon, so that inventory devices rely (as normal) on DNS results to contact an inventory beacon appropriate for them. -
CAL device license consumption is only supported using the IPv4 address family.
FlexNet Inventory Agent Release 12.2.0
Remediation of Security Vulnerability
The Common Vulnerabilities and Exposures (CVE) identifier of this vulnerability is CVE-2017-6885. To understand the potential consequences of this vulnerability, please refer to the Common Consequences section of Common Weakness Enumeration CWE-426. The Common Vulnerability Scoring System (CVSS) base score for this vulnerability is 7.8 and the temporal score is 7.0.
This fix applies to both the full FlexNet inventory agent and the lightweight FlexNet Inventory Scanner, and also requires updates of FlexNet Beacon.
FlexNet Inventory Agent Release 12.1.0
Improved HTTPS Support on Unix-Like Platforms
Communication between the FlexNet inventory agent and inventory beacons may be secured with the HTTPS protocol. For typical (maximum) security, this requires the exchange of server certificates, and checking by the FlexNet inventory agent that the server certificate has not been revoked by the Certificate Authority (CA).
On Windows platforms, certificate checking is determined by Group Policy. In previous releases for FlexNet inventory agent running on UNIX-like platforms, revocation checking was supported using Certificate Revocation Lists (CRLs). This can be time-consuming, since each check can require downloading the entire listing of revoked certificates.
A newer technology is to use OCSP revocation checking. The Online Certificate Status Protocol allows a much faster request to the OCSP server for the revocation status of a single certificate.
This release allows administrators to prioritize OCSP and CRL checking for UNIX-like platforms. It also allows failover from one system to the other with a simple preference setting for the FlexNet inventory agent.